Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add AACanonicaliseName setting to control redirection to the canonical ServerName #24

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mas90
Copy link

@mas90 mas90 commented Jul 9, 2019

By default, mod_ucam_webauth redirects clients to the canonical server hostname so that cookies end up set on that domain. That is not desirable behaviour on some environments, e.g. the SRCF where the ServerName (as set by the system administrator) might not match the user's preferred domain, and might cause the cookie to go missing if the website forces redirection to a non-canonical ServerAlias.

So, I've added a new configuration directive (AACanonicaliseName) to allow this behaviour to be overridden (either globally, in a block or in .htaccess). If "AACanonicaliseName off" is configured, mod_ucam_webauth will not explicitly redirect to the canonical name, and will let ap_construct_url determine what name to use when a full self-referential URL is needed (according to Apache's UseCanonicalName directive). I have not changed the default behaviour.

The SRCF has been running with an early version of this patch for many years without issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant