summaryrefslogtreecommitdiff
path: root/swat2/scripting/preauth.esp
diff options
context:
space:
mode:
Diffstat (limited to 'swat2/scripting/preauth.esp')
-rw-r--r--swat2/scripting/preauth.esp48
1 files changed, 0 insertions, 48 deletions
diff --git a/swat2/scripting/preauth.esp b/swat2/scripting/preauth.esp
deleted file mode 100644
index e6d04faf8d..0000000000
--- a/swat2/scripting/preauth.esp
+++ /dev/null
@@ -1,48 +0,0 @@
-<%
-include("/scripting/common.js");
-
-/* this script is called on every web request. If it produces any
- output at all then that output is returned and the requested page
- is not given or processed.
-*/
-
-/*
- check if a uri is one of the 'always allowed' pages, even when not logged in
- This allows the login page to use the same style sheets and images
-*/
-function always_allowed(uri) {
- var str = string_init();
-
- /* allow jsonrpc-based applications to do their own authentication */
- var s = str.split('/', uri);
- if (s[0] == "" && s[1] == 'index.html') {
- return true;
- }
-
- var s = str.split('.', uri);
- if (s.length < 2) {
- return false;
- }
-
- var ext = s[s.length-1];
- var allowed = new Array("ico", "gif", "png","css", "js");
- for (i in allowed) {
- if (allowed[i] == ext) {
- return true;
- }
- }
- return false;
-}
-
-
-if (server['SERVER_PROTOCOL'] == "http" &&
- server['TLS_SUPPORT'] == "True") {
- write("redirect to https");
- redirect("https://" + headers['HOST'] + request['REQUEST_URI']);
-} else if (always_allowed(request['REQUEST_URI']) != true &&
- session['AUTHENTICATED'] == undefined) {
- /* present the login page */
- include("/login.esp");
-}
-
-%>
generated by cgit (git 2.34.1) at 2024-07-12 00:20:28 +0000