Do not redirect unauthenticated AJAX request to the IdP

When MellonEnable is "auth" and we get an unauthenticated AJAX request (identified by the X-Request-With: XMLHttpRequest HTTP header), fail with HTTP code 403 Forbidden instead of redirecting to the IdP. This saves resources, as the client has no opportunity to interract with the user to complete authentification.
author: manu <manu@pkgsrc.org> 2016-10-18 15:13:41 +0000
committer: manu <manu@pkgsrc.org> 2016-10-18 15:13:41 +0000
commit: b46c24290ec3a500095dd6b7d2737c30bc7fa063 (patch)
tree: a44ec42d0ffb1b4e112432d053a035e8d79b9101 /www/ap2-auth-mellon/Makefile
parent: 7e6f7539e9c07ca105ff0600e8dac15ee821a89e (diff)
download: pkgsrc-b46c24290ec3a500095dd6b7d2737c30bc7fa063.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/www/ap2-auth-mellon/Makefile b/www/ap2-auth-mellon/Makefile
index eed80bde9a3..6af925195aa 100644
--- a/www/ap2-auth-mellon/Makefile
+++ b/www/ap2-auth-mellon/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.35 2016/10/07 18:26:12 adam Exp $
+# $NetBSD: Makefile,v 1.36 2016/10/18 15:13:41 manu Exp $
 #
 
 DISTNAME=	mod_auth_mellon-0.12.0	
 PKGNAME=	${APACHE_PKG_PREFIX}-${DISTNAME:S/mod_//:S/_/-/g}
-PKGREVISION=	2
+PKGREVISION=	3
 CATEGORIES=	www security
 MASTER_SITES=	https://github.com/UNINETT/mod_auth_mellon/releases/download/v${DISTNAME:C/.*-//}/
author	manu <manu@pkgsrc.org>	2016-10-18 15:13:41 +0000
committer	manu <manu@pkgsrc.org>	2016-10-18 15:13:41 +0000
commit	b46c24290ec3a500095dd6b7d2737c30bc7fa063 (patch)
tree	a44ec42d0ffb1b4e112432d053a035e8d79b9101 /www/ap2-auth-mellon/Makefile
parent	7e6f7539e9c07ca105ff0600e8dac15ee821a89e (diff)
download	pkgsrc-b46c24290ec3a500095dd6b7d2737c30bc7fa063.tar.gz