#447 Member모듈에서 로그인/회원가입/정보-비밀번호 수정등 비밀번호 관련 정보의 전송에 대해 SSL사용을 설정할 수 있도록 변경. 단 서버에서 SSL지원이 되어야 하며 현재 기본포트에 대해서만 개발 완료되었음. 로그인 위젯의 경우 기본 위젯에 대해 보안페이지 설정 기능을 추가

git-svn-id: http://xe-core.googlecode.com/svn/sandbox@4109 201d5d3c-b55e-5fd7-737f-ddc643e51545
2026-05-09 03:52:15 +09:00 · 2008-04-16 06:27:41 +00:00 · 2008-04-16 06:27:41 +00:00 · 89090a5cb9
commit 89090a5cb9
parent a588225372
32 changed files with 345 additions and 128 deletions
--- a/common/js/common.js
+++ b/common/js/common.js
@ -48,7 +48,17 @@ String.prototype.setQuery = function(key, val) {
    } else {
        if(val.toString().trim()) uri = uri+"?"+key+"="+val;
    }
-    //uri = uri.replace(request_uri+'?',request_uri+'index.php?');
+
+    uri = uri.replace(/^https:\/\//i,'http://');
+    if(typeof(ssl_actions)!='undefined' && typeof(ssl_actions.length)!='undefined' && uri.getQuery('act')) {
+        var act = uri.getQuery('act');
+        for(i=0;i<ssl_actions.length;i++) {
+            if(ssl_actions[i]==act) {
+                uri = uri.replace(/^http:\/\//i,'https://');
+                break;
+            }
+        }
+    }
    return uri;
 }

@ -989,3 +999,13 @@ if(xIE4Up) {
        }
    }
 }
+
+
+/* 보안 로그인 모드로 전환 */
+function toggleSecuritySignIn() {
+    var href = location.href;
+    if(/https:\/\//i.test(href)) location.href = href.replace(/^https/i,'http');
+    else location.href = href.replace(/^http/i,'https');
+}   
+
+
--- a/common/js/xml_handler.js
+++ b/common/js/xml_handler.js
@ -19,15 +19,6 @@ function exec_xml(module, act, params, callback_func, response_tags, callback_fu

    if(typeof(response_tags)=="undefined" || response_tags.length<1) response_tags = new Array('error','message');

-    var waiting_obj = xGetElementById("waitingforserverresponse");
-    if(show_waiting_message && waiting_obj) {
-        xInnerHtml(waiting_obj, waiting_message);
-
-        xTop(waiting_obj, xScrollTop()+20);
-        xLeft(waiting_obj, xScrollLeft()+20);
-        waiting_obj.style.visibility = "visible";
-    }
-
    oXml.request(xml_response_filter, oXml, callback_func, response_tags, callback_func_arg, fo_obj);
 }

@ -95,7 +86,7 @@ function xml_handlerRequest(callBackFunc, xmlObj, callBackFunc2, response_tags,
    +  "<params>\n"

    for (var key in this.params) {
-	if(!this.params.hasOwnProperty(key)) continue;
+        if(!this.params.hasOwnProperty(key)) continue;
        var val = this.params[key];
        rd += "<"+key+"><![CDATA["+val+"]]></"+key+">\n";
    }
@ -103,12 +94,43 @@ function xml_handlerRequest(callBackFunc, xmlObj, callBackFunc2, response_tags,
    rd += "</params>\n"
    +  "</methodCall>\n";

+    // ssl action
+    if(typeof(ssl_actions)!='undefined' && typeof(ssl_actions.length)!='undefined' && typeof(this.params['act'])!='undefined' && /^https:\/\//i.test(location.href) ) {
+        var action = this.params['act'];
+        for(i=0;i<ssl_actions.length;i++) {
+            if(ssl_actions[i]==action) {
+                this.xml_path = this.xml_path.replace(/^http:\/\//i,'https://');
+                break;
+            }
+        }
+    }
+
    if(this.obj_xmlHttp.readyState!=0) {
        this.obj_xmlHttp.abort();
        this.obj_xmlHttp = this.getXmlHttp();
    }
    this.obj_xmlHttp.onreadystatechange = function () {callBackFunc(xmlObj, callBackFunc2, response_tags, callback_func_arg, fo_obj)};
-    this.obj_xmlHttp.open("POST", this.xml_path, true);
+
+    // 모든 xml데이터는 POST방식으로 전송. try-cacht문으로 오류 발생시 대처
+    try {
+
+        this.obj_xmlHttp.open("POST", this.xml_path, true);
+
+    } catch(e) {
+        alert(e);
+        return;
+    }
+
+    // ajax 통신중 대기 메세지 출력 (show_waiting_message값을 false로 세팅시 보이지 않음)
+    var waiting_obj = xGetElementById("waitingforserverresponse");
+    if(show_waiting_message && waiting_obj) {
+        xInnerHtml(waiting_obj, waiting_message);
+
+        xTop(waiting_obj, xScrollTop()+20);
+        xLeft(waiting_obj, xScrollLeft()+20);
+        waiting_obj.style.visibility = "visible";
+    }
+
    this.obj_xmlHttp.send(rd);
 }

--- a/common/tpl/common_layout.html
+++ b/common/tpl/common_layout.html
@ -1,4 +1,4 @@
-{@ $js_files = Context::getJsFile() }{@ $css_files = Context::getCssFile() }<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html lang="{Context::getLangType()}" xml:lang="{Context::getLangType()}" xmlns="http://www.w3.org/1999/xhtml">
 <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
@ -17,6 +17,7 @@
 <!--@end-->
    <meta http-equiv="imagetoolbar" content="no" />
    <title>{Context::getBrowserTitle()}</title>
+{@ $js_files = Context::getJsFile() }
 <!--@foreach($js_files as $key => $js_file)-->
 <!--@if($js_file['targetie'])-->
    <!--[if {$js_file['targetie']}]>
@ -26,6 +27,8 @@
    <![endif]-->
 <!--@end-->
 <!--@end-->
+
+{@ $css_files = Context::getCssFile() }
 <!--@foreach($css_files as $key => $css_file)-->
 <!--@if($css_file['targetie'])-->
    <!--[if {$css_file['targetie']}]>
@ -38,11 +41,14 @@
 <!--@if($rss_url)-->
    <link rel="alternate" type="application/rss+xml" title="RSS 2.0" href="{$rss_url}" />
 <!--@end-->
+
+{@ $ssl_actions = Context::getSSLActions() }
    <script type="text/javascript">//<![CDATA[
        var current_url = "{$current_url}";
        var request_uri = "{$request_uri}";
        var current_mid = "{$mid}";
        var waiting_message = "{$lang->msg_call_server}";
+        var ssl_actions = new Array(<!--@if(count($ssl_actions))-->"{implode('","',$ssl_actions)}"<!--@end-->);
    //]]></script>

    {Context::getHtmlHeader()}