From d9749756ca49dc5b6f65a3e1af877deae1161e2f Mon Sep 17 00:00:00 2001 From: David Cook Date: Mon, 20 Jan 2014 11:54:26 +1100 Subject: [PATCH] Bug 11575 - OPACBaseURL sometimes set by ENV variable and not system preference This patch changes how the OPACBaseURL parameter gets set in the subroutine get_template_and_user in Auth.pm. Currently, it's being set by the $ENV{'SERVER_NAME'} variable. In many cases, this will probably match the URL that the user uses to access a page. However, this causes problems with reverse proxies. There are ways to compensate for proxy servers (such as inspecting other variables set by the web server), but such a solution seems a bit convoluted...especially since we already use the system preference OPACBaseURL in many other parts of Koha. We probably shouldn't be passing OPACBaseURL from Auth.pm at all, and instead use the Koha TT plugin and using_https param to determine protocol. However, that's outside the scope of this bug/patch. This patch is just meant to fix an existing bug. I did leave the $ENV{'SERVER_NAME'} as a full back if OPACBaseURL isn't set, but that's it. _TEST PLAN_ Before applying: 1) Clear your OPACBaseURL preference 2) Perform a search in the OPAC 3) Click on or hover over the orange RSS icon 4) Note that the URL used for the RSS links is either: a) The same URL you used to access Koha (no reverse proxy) b) The ServerName from your Koha apache conf which isn't the same URL you used to access Koha (reverse proxy) 5) Add an OPACBaseURL that isn't the same as the actual OPAC URL 6) Note that the OPACBaseURL system preference has no effect here After applying the patch: 7) Refresh the page 8) Note that the URL you see now is actually the OPACBaseURL system preference that you set 9) Clear your OPACBaseURL system preference 10) Refresh your search page 11) Note that the URL has reverted back to the URL that you saw before (either the original Koha site URL or the Koha ServerName defined in Apache and not the URL of the proxy) Signed-off-by: Chris Cormack Signed-off-by: Jonathan Druart Signed-off-by: Tomas Cohen Arazi --- C4/Auth.pm | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/C4/Auth.pm b/C4/Auth.pm index c04253aa00..1bbc0bdb37 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -405,6 +405,11 @@ sub get_template_and_user { } elsif (C4::Context->preference("SearchMyLibraryFirst") && C4::Context->userenv && C4::Context->userenv->{'branch'}) { $opac_name = C4::Context->userenv->{'branch'}; } + # FIXME Under Plack the CGI->https method always returns 'OFF' ($using_https will be set to 0 in this case) + my $opac_base_url = C4::Context->preference("OPACBaseURL"); #FIXME uses $using_https below as well + if (!$opac_base_url){ + $opac_base_url = $ENV{'SERVER_NAME'} . ($ENV{'SERVER_PORT'} eq ($using_https ? "443" : "80") ? '' : ":$ENV{'SERVER_PORT'}"); + } $template->param( opaccolorstylesheet => C4::Context->preference("opaccolorstylesheet"), AnonSuggestions => "" . C4::Context->preference("AnonSuggestions"), @@ -425,8 +430,7 @@ sub get_template_and_user { OPACMobileUserCSS => "". C4::Context->preference("OPACMobileUserCSS"), OPACViewOthersSuggestions => "" . C4::Context->preference("OPACViewOthersSuggestions"), OpacAuthorities => C4::Context->preference("OpacAuthorities"), - OPACBaseURL => ($in->{'query'}->https() ? "https://" : "http://") . $ENV{'SERVER_NAME'} . - ($ENV{'SERVER_PORT'} eq ($in->{'query'}->https() ? "443" : "80") ? '' : ":$ENV{'SERVER_PORT'}"), + OPACBaseURL => ($using_https ? "https://" : "http://") . $opac_base_url, opac_css_override => $ENV{'OPAC_CSS_OVERRIDE'}, opac_search_limit => $opac_search_limit, opac_limit_override => $opac_limit_override, -- 2.39.5