From 5a869128a4371445471bcd86392680c096240d2c Mon Sep 17 00:00:00 2001
From: Jan Pazdziora
Date: Fri, 17 Jan 2014 14:41:19 +0800
Subject: Process incoming HTTP headers in application on backend. Caution: make sure the application is only accessible via a proxy which will properly clear and set these headers, so that the end user cannot gain extra privileges.
---
 app.cgi | 8 ++++++++
 1 file changed, 8 insertions(+)
(limited to 'app.cgi')
diff --git a/app.cgi b/app.cgi
index badc13a..31a9f4a 100755
--- a/app.cgi
+++ b/app.cgi
@@ -22,6 +22,14 @@ my $LOGIN = '/login';
 my $LOGOUT = '/logout';
 my $AUTH_COOKIE = 'the-test-cookie';
 
+if (defined $ENV{FRONTEND_SCRIPT_NAME}) {
+ $ENV{SCRIPT_NAME} = $ENV{FRONTEND_SCRIPT_NAME};
+
+ for my $x (map { /^HTTP_(REMOTE_USER.*)/ ? ($1) : () } keys %ENV) {
+ $ENV{$x} = $ENV{"HTTP_$x"};
+ }
+}
+
 my $q = new CGI;
 my $cookie = $q->cookie($AUTH_COOKIE);
 my ($user, $name);
-- cgit
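Review bot: Nothing in the block added before `my $q = new CGI;` checks that the request came from the trusted proxy: it copies every `HTTP_REMOTE_USER*` variable, which CGI derives from request headers, into `REMOTE_USER*`, and the only gate is `defined $ENV{FRONTEND_SCRIPT_NAME}`. The commit message states the deployment requirement, but the code has neither a comment nor enforcement, so a backend that is reachable directly would copy client-chosen values into `REMOTE_USER*`. I would add a comment above the `if`, such as `# Trust boundary: HTTP_REMOTE_USER* is only meaningful when the front-end proxy strips and re-sets these headers.`, and tighten the condition to something like `if (defined $ENV{FRONTEND_SCRIPT_NAME} and ($ENV{REMOTE_ADDR} // '') eq $TRUSTED_PROXY_ADDR) {`, where `$TRUSTED_PROXY_ADDR` is a placeholder for a new setting next to `$AUTH_COOKIE`. How `FRONTEND_SCRIPT_NAME` gets set is not visible here; if it comes from server configuration, the gate is a deployment switch and not a per-request check. The open-ended `REMOTE_USER.*` also promotes any header with that prefix, so matching an explicit list of expected names would narrow what the proxy has to sanitize.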