Add hooks for protecting headers and redirects.

diff --git a/apache/mod_apache.cpp b/apache/mod_apache.cpp
index a633501..08498d9 100644 (file)
--- a/apache/mod_apache.cpp
+++ b/apache/mod_apache.cpp
@@ -524,6 +524,7 @@ public:
       m_req->content_type = ap_psprintf(m_req->pool, type);
   }
   void setResponseHeader(const char* name, const char* value) {
+   AbstractSPRequest::setResponseHeader(name, value);
 #ifdef SHIB_DEFERRED_HEADERS
    if (!m_rc)
       // this happens on subrequests
@@ -553,6 +554,7 @@ public:
     return DONE;
   }
   long sendRedirect(const char* url) {
+    AbstractSPRequest::sendRedirect(url);
     ap_table_set(m_req->headers_out, "Location", url);
     return REDIRECT;
   }

diff --git a/fastcgi/shibauthorizer.cpp b/fastcgi/shibauthorizer.cpp
index 59f4417..4d9a4e5 100644 (file)
--- a/fastcgi/shibauthorizer.cpp
+++ b/fastcgi/shibauthorizer.cpp
@@ -193,6 +193,7 @@ public:
         return "";\r
     }\r
     void setResponseHeader(const char* name, const char* value) {\r
+        AbstractSPRequest::setResponseHeader(name, value);\r
         // Set for later.\r
         if (value)\r
             m_response_headers.insert(make_pair(name,value));\r
@@ -229,6 +230,7 @@ public:
     }\r
 \r
     long sendRedirect(const char* url) {\r
+        AbstractSPRequest::sendRedirect(url);\r
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"\r
           "Content-Type: text/html\r\n"\r
           "Content-Length: 40\r\n"\r

diff --git a/fastcgi/shibresponder.cpp b/fastcgi/shibresponder.cpp
index 1537e33..78a3c9d 100644 (file)
--- a/fastcgi/shibresponder.cpp
+++ b/fastcgi/shibresponder.cpp
@@ -1,5 +1,5 @@
 /*\r
- *  Copyright 2001-2007 Internet2\r
+ *  Copyright 2001-2009 Internet2\r
  *\r
  * Licensed under the Apache License, Version 2.0 (the "License");\r
  * you may not use this file except in compliance with the License.\r
@@ -145,6 +145,7 @@ public:
     }\r
 \r
     void setResponseHeader(const char* name, const char* value) {\r
+        AbstractSPRequest::setResponseHeader(name, value);\r
         // Set for later.\r
         if (value)\r
             m_headers.insert(make_pair(name,value));\r
@@ -182,6 +183,7 @@ public:
     }\r
 \r
     long sendRedirect(const char* url) {\r
+        AbstractSPRequest::sendRedirect(url);\r
         string hdr=string("Status: 302 Please Wait\r\nLocation: ") + url + "\r\n"\r
           "Content-Type: text/html\r\n"\r
           "Content-Length: 40\r\n"\r

diff --git a/isapi_shib/isapi_shib.cpp b/isapi_shib/isapi_shib.cpp
index dd571f7..0c6baf5 100644 (file)
--- a/isapi_shib/isapi_shib.cpp
+++ b/isapi_shib/isapi_shib.cpp
@@ -534,6 +534,7 @@ public:
     return getSecureHeader("remote-user");
   }
   void setResponseHeader(const char* name, const char* value) {
+    AbstractSPRequest::setResponseHeader(name, value);
     // Set for later.
     if (value)
         m_headers.insert(make_pair(name,value));
@@ -562,7 +563,7 @@ public:
     return SF_STATUS_REQ_FINISHED;
   }
   long sendRedirect(const char* url) {
-    // XXX: Don't support the httpRedirect option, yet.
+    AbstractSPRequest::sendRedirect(url);
     string hdr=string("Location: ") + url + "\r\n"
       "Content-Type: text/html\r\n"
       "Content-Length: 40\r\n"
@@ -843,6 +844,7 @@ public:
     return buf.empty() ? "" : buf;
   }
   void setResponseHeader(const char* name, const char* value) {
+    AbstractSPRequest::setResponseHeader(name, value);
     // Set for later.
     if (value)
         m_headers.insert(make_pair(name,value));
@@ -904,6 +906,7 @@ public:
     return HSE_STATUS_SUCCESS;
   }
   long sendRedirect(const char* url) {
+    AbstractSPRequest::sendRedirect(url);
     string hdr=string("Location: ") + url + "\r\n"
       "Content-Type: text/html\r\n"
       "Content-Length: 40\r\n"

diff --git a/nsapi_shib/nsapi_shib.cpp b/nsapi_shib/nsapi_shib.cpp
index b18e914..61db6d2 100644 (file)
--- a/nsapi_shib/nsapi_shib.cpp
+++ b/nsapi_shib/nsapi_shib.cpp
@@ -422,6 +422,7 @@ public:
       setResponseHeader("Content-Type", type);
   }
   void setResponseHeader(const char* name, const char* value) {
+    AbstractSPRequest::setResponseHeader(name, value);
     pblock_nvinsert(name, value, m_rq->srvhdrs);
   }
 
@@ -440,6 +441,7 @@ public:
     return REQ_EXIT;
   }
   long sendRedirect(const char* url) {
+    AbstractSPRequest::sendRedirect(url);
     param_free(pblock_remove("content-type", m_rq->srvhdrs));
     pblock_nninsert("content-length", 0, m_rq->srvhdrs);
     pblock_nvinsert("expires", "01-Jan-1997 12:00:00 GMT", m_rq->srvhdrs);

diff --git a/shibsp/AbstractSPRequest.cpp b/shibsp/AbstractSPRequest.cpp
index 7f880ba..8ab6645 100644 (file)
--- a/shibsp/AbstractSPRequest.cpp
+++ b/shibsp/AbstractSPRequest.cpp
@@ -328,3 +328,12 @@ bool AbstractSPRequest::isPriorityEnabled(SPLogLevel level) const
         (level == SPError ? Priority::ERROR : Priority::CRIT))))
         );
 }
+
+void AbstractSPRequest::setResponseHeader(const char* name, const char* value)
+{
+}
+
+long AbstractSPRequest::sendRedirect(const char* url)
+{
+    return HTTPResponse::XMLTOOLING_HTTP_STATUS_MOVED;
+}

diff --git a/shibsp/AbstractSPRequest.h b/shibsp/AbstractSPRequest.h
index 318f68c..46d4485 100644 (file)
--- a/shibsp/AbstractSPRequest.h
+++ b/shibsp/AbstractSPRequest.h
@@ -71,6 +71,8 @@ namespace shibsp {
         const char* getHandlerURL(const char* resource=NULL) const;
         void log(SPLogLevel level, const std::string& msg) const;
         bool isPriorityEnabled(SPLogLevel level) const;
+        void setResponseHeader(const char* name, const char* value);
+        long sendRedirect(const char* url);
 
     private:
         ServiceProvider* m_sp;