fix bug #86: correctly decode cookie

ce2d54c9 · Dietmar Maurer · d45576df · ce2d54c9 · ce2d54c9 · ce2d54c9
Commit ce2d54c9 authored Jan 17, 2012 by Dietmar Maurer
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 2 deletions

REST.pm PVE/REST.pm +8 -1

changelog.Debian debian/changelog.Debian +2 -0

Workspace.js www/manager/Workspace.js +2 -1

No files found.
--- a/PVE/REST.pm
+++ b/PVE/REST.pm
@@ -18,6 +18,7 @@ use HTML::Entities;
 use PVE::JSONSchema;
 use PVE::AccessControl;
 use PVE::RPCEnvironment;
+use URI::Escape;

 use Data::Dumper; # fixme: remove

@@ -44,7 +45,13 @@ sub extract_auth_cookie {

    return undef if !$cookie;

-    return ($cookie =~ /(?:^|\s)$cookie_name=([^;]*)/)[0];
+    my $ticket = ($cookie =~ /(?:^|\s)$cookie_name=([^;]*)/)[0];
+
+    if ($ticket && $ticket =~ m/^PVE%3A/) {
+	$ticket = uri_unescape($ticket);
+    }
+
+    return $ticket;
 }

 sub create_auth_cookie {

--- a/debian/changelog.Debian
+++ b/debian/changelog.Debian
@@ -2,6 +2,8 @@ pve-manager (2.0-20) unstable; urgency=low

  * fix bug #85: allow root@pam to generate tickets for other users

+  * fix bug #86: correctly decode cookie
+  
 -- Proxmox Support Team <support@proxmox.com>  Tue, 17 Jan 2012 06:36:23 +0100

 pve-manager (2.0-19) unstable; urgency=low

--- a/www/manager/Workspace.js
+++ b/www/manager/Workspace.js
@@ -26,6 +26,8 @@ Ext.define('PVE.Workspace', {
 	me.loginData = loginData;
 	PVE.CSRFPreventionToken = loginData.CSRFPreventionToken;
 	PVE.UserName = loginData.username;
+	var expire = Ext.Date.add(new Date(), Ext.Date.HOUR, 2);
+	Ext.util.Cookies.set('PVEAuthCookie', loginData.ticket, expire);
 	me.onLogin(loginData);
    },

@@ -88,7 +90,6 @@ Ext.define('PVE.Workspace', {
 		    url: '/api2/json/access/ticket',
 		    method: 'POST',
 		    success: function(response, opts) {
-			// cookie is automatically updated
 			var obj = Ext.decode(response.responseText);
 			me.updateLoginData(obj.data);
 		    }