From raeburn at source.lon-capa.org  Mon Feb 20 13:29:34 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Mon, 20 Feb 2017 18:29:34 -0000
Subject: [LON-CAPA-cvs] cvs: rat / lonpage.pm lonpageflip.pm loncom/auth
	lonroles.pm loncom/interface coursecatalog.pm loncommon.pm
	londocs.pm lonhtmlcommon.pm lonmenu.pm lonnavmaps.pm lonsyllabus.pm
Message-ID: <cvsraeburn1487615374@cvsserver>

raeburn		Mon Feb 20 18:29:34 2017 EDT

  Modified files:              
    /loncom/interface	coursecatalog.pm loncommon.pm londocs.pm 
                     	lonhtmlcommon.pm lonmenu.pm lonnavmaps.pm 
                     	lonsyllabus.pm 
    /loncom/auth	lonroles.pm 
    /rat	lonpage.pm lonpageflip.pm 
  Log:
  - For servers using Apache/SSL, and LON-CAPA syllabus requested is configured 
    to use an external http:// URL, links to display of syllabus page use http://
    to avoid mixed active content issue, unless editing the syllabus (in which
    case https:// is used).
  
  
-------------- next part --------------
Index: loncom/interface/coursecatalog.pm
diff -u loncom/interface/coursecatalog.pm:1.91 loncom/interface/coursecatalog.pm:1.92
--- loncom/interface/coursecatalog.pm:1.91	Sat Feb 18 23:39:15 2017
+++ loncom/interface/coursecatalog.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler for displaying the course catalog interface
 #
-# $Id: coursecatalog.pm,v 1.91 2017/02/18 23:39:15 raeburn Exp $
+# $Id: coursecatalog.pm,v 1.92 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -125,7 +125,7 @@
         }
         my $js = '<script type="text/javascript">'."\n".
                  '// <![CDATA['."\n".
-                 &courselink_javascript()."\n".
+                 &courselink_javascript($r)."\n".
                  '// ]]>'."\n".
                  '</script>'."\n";
         $r->print(&Apache::loncommon::start_page('Search for a Course/Community',$js));
@@ -254,7 +254,7 @@
 }
 
 ENDSCRIPT
-        $catjs .= &courselink_javascript();
+        $catjs .= &courselink_javascript($r);
         if (&user_is_dc($codedom) || $canviewall) {
             $catjs .= <<ENDTOGGJS
 
@@ -352,7 +352,7 @@
     my %add_entries = (topmargin    => "0",
                        marginheight => "0",);
     my $js = '<script type="text/javascript">'."\n".
-             &courselink_javascript().'</script>'."\n";
+             &courselink_javascript($r).'</script>'."\n";
     my $start_page =
         &Apache::loncommon::start_page('Course/Community Catalog',$js,
                                        {'add_entries' => \%add_entries, });
@@ -416,6 +416,8 @@
 }
 
 sub courselink_javascript {
+    my ($r) = @_;
+    my $hostname = $r->hostname();
     return <<"END";
 
 function ToSyllabus(cdom,cnum,usehttp) {
@@ -427,6 +429,10 @@
     }
     document.linklaunch.action = "/public/"+cdom+"/"+cnum+"/syllabus";
     if (usehttp == 1) {
+        var hostname = '$hostname';
+        if (hostname != '') {
+            document.linklaunch.action = 'http://'+hostname+document.linklaunch.action;
+        }
         document.linklaunch.action += '?usehttp=1';
     }
     document.linklaunch.submit();
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1273 loncom/interface/loncommon.pm:1.1274
--- loncom/interface/loncommon.pm:1.1273	Fri Feb 17 16:04:22 2017
+++ loncom/interface/loncommon.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.1273 2017/02/17 16:04:22 raeburn Exp $
+# $Id: loncommon.pm,v 1.1274 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -5809,6 +5809,10 @@
 
 =item * $args, optional argument valid values are
             no_auto_mt_title -> prevents &mt()ing the title arg
+            use_absolute     -> for external resource or syllabus, this will
+                                contain https://<hostname> if server uses
+                                https (as per hosts.tab), but request is for http
+            hostname         -> hostname, from $r->hostname().
 
 =item * $advtoolsref, optional argument, ref to an array containing
             inlineremote items to be added in "Functions" menu below
@@ -5834,6 +5838,7 @@
     }
     if (!$args->{'no_auto_mt_title'}) { $title = &mt($title); }
     my $httphost = $args->{'use_absolute'};
+    my $hostname = $args->{'hostname'};
 
     $function = &get_users_function() if (!$function);
     my $img =    &designparm($function.'.img',$domain);
@@ -5962,17 +5967,18 @@
             $bodytag .= Apache::lonhtmlcommon::scripttag('', 'end');
             if ($env{'request.state'} eq 'construct') {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,
-                                $args->{'bread_crumbs'});
+                                $args->{'bread_crumbs'},'','',$hostname);
             } elsif ($forcereg) {
                 $bodytag .= &Apache::lonmenu::innerregister($forcereg,undef,
                                                             $args->{'group'},
-                                                            $args->{'hide_buttons'});
+                                                            $args->{'hide_buttons'},
+                                                            $hostname);
             } else {
                 $bodytag .= 
                     &Apache::lonmenu::prepare_functions($env{'request.noversionuri'},
                                                         $forcereg,$args->{'group'},
                                                         $args->{'bread_crumbs'},
-                                                        $advtoolsref);
+                                                        $advtoolsref,'',$hostname);
             }
         }else{
             # this is to seperate menu from content when there's no secondary
@@ -8533,7 +8539,11 @@
              bread_crumbs_nomenu -> if true will pass false as the value of $menulink
                                     to lonhtmlcommon::breadcrumbs
              group          -> includes the current group, if page is for a 
-                               specific group  
+                               specific group
+             use_absolute   -> for request for external resource or syllabus, this
+                               will contain https://<hostname> if server uses
+                               https (as per hosts.tab), but request is for http
+             hostname       -> hostname, originally from $r->hostname(), (optional).
 
 =back
 
Index: loncom/interface/londocs.pm
diff -u loncom/interface/londocs.pm:1.621 loncom/interface/londocs.pm:1.622
--- loncom/interface/londocs.pm:1.621	Sat Feb 18 23:39:15 2017
+++ loncom/interface/londocs.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Documents
 #
-# $Id: londocs.pm,v 1.621 2017/02/18 23:39:15 raeburn Exp $
+# $Id: londocs.pm,v 1.622 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -920,7 +920,7 @@
              '// <![CDATA['."\n".
              &Apache::loncommon::display_filter_js('docslog')."\n".
              &editing_js($env{'user.domain'},$env{'user.name'},$supplementalflag,
-                         $coursedom,$coursenum,'','',$canedit,\$navmap)."\n".
+                         $coursedom,$coursenum,'','',$canedit,'',\$navmap)."\n".
              &history_tab_js()."\n".
              &Apache::lonratedt::editscript('simple')."\n".
              '// ]]>'."\n".
@@ -3009,7 +3009,7 @@
 sub editor {
     my ($r,$coursenum,$coursedom,$folder,$allowed,$upload_output,$crstype,
         $supplementalflag,$orderhash,$iconpath,$pathitem,$ltitoolsref,
-        $canedit,$navmapref,$hiddentop)=@_;
+        $canedit,$hostname,$navmapref,$hiddentop)=@_;
     my ($randompick,$ishidden,$isencrypted,$plain,$is_random_order,$container);
     if ($allowed) {
         (my $breadcrumbtrail,$randompick,$ishidden,$isencrypted,$plain,
@@ -3340,7 +3340,7 @@
                               $coursenum,$coursedom,$crstype,
                               $pathitem,$supplementalflag,$container,
                               \%filters,\%curr_groups,$ltitoolsref,$canedit,
-                              $isencrypted,$navmapref);
+                              $isencrypted,$navmapref,$hostname);
         $idx++;
         $shown++;
     }
@@ -3721,7 +3721,7 @@
 sub entryline {
     my ($index,$title,$url,$folder,$allowed,$residx,$coursenum,$coursedom,
         $crstype,$pathitem,$supplementalflag,$container,$filtersref,$currgroups,
-        $ltitoolsref,$canedit,$isencrypted,$navmapref)=@_;
+        $ltitoolsref,$canedit,$isencrypted,$navmapref,$hostname)=@_;
     my ($foldertitle,$renametitle,$oldtitle);
     if (&is_supplemental_title($title)) {
 	($title,$foldertitle,$renametitle) = &Apache::loncommon::parse_supplemental_title($title);
@@ -4064,6 +4064,9 @@
         } elsif ($url =~ m{^\Q/public/$coursedom/$coursenum/syllabus\E}) {
             if (($ENV{'SERVER_PORT'} == 443) &&
                 ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                if ($hostname ne '') {
+                    $url = 'http://'.$hostname.$url;
+                }
                 $url .= (($url =~ /\?/) ? '&amp;':'?').'usehttp=1';
                 $nomodal = 1;
             }
@@ -4200,7 +4203,8 @@
                                                             $forceedit,
                                                             undef,$symb,
                                                             &escape($env{'form.folderpath'}),
-                                                            $renametitle,'','',1,$suppanchor);
+                                                            $renametitle,$hostname,
+                                                            '','',1,$suppanchor);
                 if ($jscall) {
                     $editlink = '<a class="LC_docs_ext_edit" href="javascript:'.
                                 $jscall.'" >'.&mt('Edit').'</a>&nbsp;'."\n";
@@ -4228,7 +4232,12 @@
                $anchor = '#'.&HTML::Entities::encode($anchor,'"<>&');
            }
        }
-       $link = &js_escape($url.(($url=~/\?/)?'&amp;':'?').'inhibitmenu=yes'.
+       if ((!$supplementalflag) && ($nomodal) && ($hostname ne '')) {
+           $link = 'http://'.$hostname.$url;
+       } else {
+           $link = $url;
+       }
+       $link = &js_escape($link.(($url=~/\?/)?'&amp;':'?').'inhibitmenu=yes'.
                                                (($anchor ne '')?$anchor:''));
        if ($nomodal) {
            $line.='<a href="#" onclick="javascript:window.open('."'$link','syllabuspreview','height=400,width=500,scrollbars=1,resizable=1,menubar=0,location=1')".'; return false;" />'.
@@ -5370,8 +5379,9 @@
             my $tabidstr = join("','", at tabids);
             %ltitools = &Apache::lonnet::get_domain_ltitools($coursedom);
             my $posslti = keys(%ltitools);
+            my $hostname = $r->hostname();
 	    $script .= &editing_js($udom,$uname,$supplementalflag,$coursedom,$coursenum,$posslti,
-                                   $londocroot,$canedit,\$navmap).
+                                   $londocroot,$canedit,$hostname,\$navmap).
                        &history_tab_js().
                        &inject_data_js().
                        &Apache::lonhtmlcommon::resize_scrollbox_js('docs',$tabidstr,$tid).
@@ -5773,7 +5783,7 @@
     }
 
 #
-
+    my $hostname = $r->hostname();
     my $savefolderpath;
 
     if ($allowed) {
@@ -6243,7 +6253,7 @@
        unless (($supplementalflag || $toolsflag)) {
           my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
                               $supplementalflag,\%orderhash,$iconpath,$pathitem,
-                              \%ltitools,$canedit,\$navmap,$hiddentop);
+                              \%ltitools,$canedit,$hostname,\$navmap,$hiddentop);
           undef($navmap);
           if ($error) {
              $r->print('<p><span class="LC_error">'.$error.'</span></p>');
@@ -6392,7 +6402,7 @@
         if ($supplementalflag) {
            my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
                                $supplementalflag,\%suporderhash,$iconpath,$pathitem,
-                               \%ltitools,$canedit);
+                               \%ltitools,$canedit,$hostname);
            if ($error) {
               $r->print('<p><span class="LC_error">'.$error.'</span></p>');
            } else {
@@ -6412,7 +6422,7 @@
         }
     } elsif ($supplementalflag) {
         my $error = &editor($r,$coursenum,$coursedom,$folder,$allowed,'',$crstype,
-                            $supplementalflag,'',$iconpath,$pathitem);
+                            $supplementalflag,'',$iconpath,$pathitem,'','',$hostname);
         if ($error) {
             $r->print('<p><span class="LC_error">'.$error.'</span></p>');
         }
@@ -6786,7 +6796,8 @@
 }
 
 sub editing_js {
-    my ($udom,$uname,$supplementalflag,$coursedom,$coursenum,$posslti,$londocroot,$canedit,$navmapref) = @_;
+    my ($udom,$uname,$supplementalflag,$coursedom,$coursenum,$posslti,
+        $londocroot,$canedit,$hostname,$navmapref) = @_;
     my %js_lt = &Apache::lonlocal::texthash(
                                           p_mnf => 'Name of New Folder',
                                           t_mnf => 'New Folder',
@@ -6863,6 +6874,15 @@
                 }
                 $backtourl = &HTML::Entities::encode(&Apache::lonnet::clutter($url),'<>&"').'?symb='.
                              &HTML::Entities::encode($caller,'<>&"');
+                if ($backtourl =~ m{^\Q/public/$coursedom/$coursenum/syllabus\E}) {
+                    if (($ENV{'SERVER_PORT'} == 443) &&
+                        ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                        if ($hostname ne '') {
+                            $backtourl = 'http://'.$hostname.$backtourl;
+                        }
+                        $backtourl .= (($backtourl =~ /\?/) ? '&':'?').'usehttp=1';
+                    }
+                }
                 if ($anchor ne '') {
                     $backtourl .= '#'.&HTML::Entities::encode($anchor,'<>&"');
                 }
Index: loncom/interface/lonhtmlcommon.pm
diff -u loncom/interface/lonhtmlcommon.pm:1.380 loncom/interface/lonhtmlcommon.pm:1.381
--- loncom/interface/lonhtmlcommon.pm:1.380	Sat Feb 18 23:39:16 2017
+++ loncom/interface/lonhtmlcommon.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common html routines
 #
-# $Id: lonhtmlcommon.pm,v 1.380 2017/02/18 23:39:16 raeburn Exp $
+# $Id: lonhtmlcommon.pm,v 1.381 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -3496,8 +3496,8 @@
 
 sub jump_to_editres {
     my ($cfile,$home,$switchserver,$forceedit,$forcereg,$symb,$folderpath,
-        $title,$idx,$suppurl,$todocs,$suppanchor) = @_;
-    my ($jscall,$anchor,$usehttp);
+        $title,$hostname,$idx,$suppurl,$todocs,$suppanchor) = @_;
+    my ($jscall,$anchor,$usehttp,$usehttps);
     if ($switchserver) {
         if ($home) {
             $cfile = '/adm/switchserver?otherserver='.$home.'&amp;role='.
@@ -3530,6 +3530,10 @@
                             $usehttp = 1;
                         }
                     }
+                } elsif ($env{'request.use_absolute'}) {
+                    if ($env{'request.use_absolute'} =~ m{^https://}) {
+                        $usehttps = 1;
+                    }
                 }
             }
             if ($symb) {
@@ -3556,7 +3560,13 @@
             }
             if ($forceedit) {
                 $cfile .= (($cfile=~/\?/)?'&amp;':'?').'forceedit=1';
+                if (($usehttps) && ($hostname ne '')) {
+                    $cfile = 'https://'.$hostname.$cfile;
+                }
             } elsif ($usehttp) {
+                if ($hostname ne '') {
+                    $cfile = 'http://'.$hostname.$cfile;
+                }
                 $cfile .= (($cfile=~/\?/)?'&amp;':'?').'usehttp=1';
             }
             if ($forcereg) {
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.467 loncom/interface/lonmenu.pm:1.468
--- loncom/interface/lonmenu.pm:1.467	Sat Feb 18 23:39:16 2017
+++ loncom/interface/lonmenu.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Routines to control the menu
 #
-# $Id: lonmenu.pm,v 1.467 2017/02/18 23:39:16 raeburn Exp $
+# $Id: lonmenu.pm,v 1.468 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -497,15 +497,21 @@
                 my $url = $$menuitem[0];
                 $url =~ s{\[cdom\]/\[cnum\]}{$cdom/$cnum};
                 if (&Apache::lonnet::is_on_map($url)) {
-                    unless ($$menuitem[0] =~ /\?register=1/) {
-                        $$menuitem[0] .= '?register=1';
+                    unless ($$menuitem[0] =~ /(\?|\&)register=1/) {
+                        $$menuitem[0] .= (($$menuitem[0]=~/\?/)? '&' : '?').'register=1';
                     }
                 } else {
-                    $$menuitem[0] =~ s{\?register=1}{};
+                    $$menuitem[0] =~ s{\&?register=1}{};
                 }
-                if (($ENV{'SERVER_PORT'} == 443) &&
-                    ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
-                    $$menuitem[0] .= ($$menuitem[0]=~/\?/) ? '&' : '?' . 'usehttp=1';
+                if ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://}) {
+                    if (($ENV{'SERVER_PORT'} == 443) || ($env{'request.use_absolute'} =~ m{^https://})) {
+                        unless ($$menuitem[0] =~ m{^https?://}) {
+                            $$menuitem[0] = 'http://'.$ENV{'SERVER_NAME'}.$$menuitem[0];
+                        }
+                        unless ($$menuitem[0] =~ /(\&|\?)usehttp=1/) {
+                            $$menuitem[0] .= (($$menuitem[0]=~/\?/) ? '&' : '?').'usehttp=1';
+                        }
+                    }
                 }
             }
             $menu .= &prep_menuitem(\@$menuitem);
@@ -629,7 +635,7 @@
 }
 
 sub innerregister {
-    my ($forcereg,$bread_crumbs,$group,$pagebuttonshide) = @_;
+    my ($forcereg,$bread_crumbs,$group,$pagebuttonshide,$hostname) = @_;
     my $const_space = ($env{'request.state'} eq 'construct');
     my $is_const_dir = 0;
 
@@ -696,7 +702,7 @@
                 }
                 my $trail;
                 if ($env{'form.folderpath'}) {
-                    &prepare_functions($resurl,$forcereg,$group,undef,undef,1);
+                    &prepare_functions($resurl,$forcereg,$group,undef,undef,1,$hostname);
                     ($trail) =
                         &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype,undef,$title,1);
                 } else {
@@ -711,10 +717,10 @@
             } elsif ($resurl =~ m{^\Q/uploaded$courseurl/portfolio/syllabus/}) {
                 &Apache::lonhtmlcommon::clear_breadcrumbs();
                 &prepare_functions('/public'.$courseurl."/syllabus",
-                                   $forcereg,$group,undef,undef,1);
+                                   $forcereg,$group,undef,undef,1,$hostname);
                 $title = &mt('Syllabus File');
                 my ($trail) =
-                    &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype,undef,$title,1);
+                    &Apache::lonhtmlcommon::docs_breadcrumbs(undef,$crstype,undef,$title,1,$hostname);
                 return $trail;
             }
             unless ($env{'request.state'} eq 'construct') {
@@ -738,7 +744,7 @@
         $forceview,$editbutton);
     if (($resurl =~ m{^/?adm/($match_domain)/($match_username)/aboutme$}) ||
         ($env{'request.role'} !~/^(aa|ca|au)/)) {
-        $editbutton = &prepare_functions($resurl,$forcereg,$group);
+        $editbutton = &prepare_functions($resurl,$forcereg,$group,'','','',$hostname);
     }
     if ($editbutton eq '') {
         $editbutton = &clear(6,1);
@@ -1037,7 +1043,7 @@
 }
 
 sub get_editbutton {
-    my ($cfile,$home,$switchserver,$forceedit,$forceview,$forcereg) = @_;
+    my ($cfile,$home,$switchserver,$forceedit,$forceview,$forcereg,$hostname) = @_;
     my $jscall;
     if (($forceview) && ($env{'form.todocs'})) {
         my ($folderpath,$command,$navmap);
@@ -1057,9 +1063,9 @@
         $jscall = &Apache::lonhtmlcommon::jump_to_editres($cfile,$home,$switchserver,
                                                 $forceedit,$forcereg,$env{'request.symb'},
                                                 &escape($env{'form.folderpath'}),
-                                                &escape($env{'form.title'}),$env{'form.idx'},
-                                                &escape($env{'form.suppurl'}),$env{'form.todocs'},
-                                                $suppanchor);
+                                                &escape($env{'form.title'}),$hostname,
+                                                $env{'form.idx'},&escape($env{'form.suppurl'}),
+                                                $env{'form.todocs'},$suppanchor);
     }
     if ($jscall) {
         my $icon = 'pcstr.png';
@@ -1076,7 +1082,7 @@
 }
 
 sub prepare_functions {
-    my ($resurl,$forcereg,$group,$bread_crumbs,$advtools,$docscrumbs) = @_;
+    my ($resurl,$forcereg,$group,$bread_crumbs,$advtools,$docscrumbs,$hostname) = @_;
     unless ($env{'request.registered'}) {
         undef(@inlineremote);
     }
@@ -1132,7 +1138,8 @@
                 $forceedit = 1;
             }
             $editbutton = &get_editbutton($cfile,$home,$switchserver,
-                                          $forceedit,$forceview,$forcereg);
+                                          $forceedit,$forceview,$forcereg,
+                                          $hostname);
         } elsif (($resurl eq '/adm/extresedit') &&
                  (($env{'form.symb'}) || ($env{'form.folderpath'}))) {
             ($cfile,$home,$switchserver,$forceedit,$forceview) =
@@ -1140,8 +1147,7 @@
                                                $env{'form.symb'});
             if ($cfile ne '') {
                 $editbutton = &get_editbutton($cfile,$home,$switchserver,
-                                              $forceedit,$forceview,$forcereg,
-                                              $env{'form.title'},$env{'form.suppurl'});
+                                              $forceedit,$forceview,$forcereg);
             }
         } elsif (($resurl =~ m{^/?adm/viewclasslist$}) &&
                  (&Apache::lonnet::allowed('opa',$env{'request.course.id'}))) {
@@ -1159,7 +1165,8 @@
                         &Apache::lonnet::clutter($resurl),$env{'request.symb'},$group);
                 if ($cfile ne '') {
                     $editbutton = &get_editbutton($cfile,$home,$switchserver,
-                                                  $forceedit,$forceview,$forcereg);
+                                                  $forceedit,$forceview,$forcereg,
+                                                  $hostname);
                 }
             }
         }
@@ -1221,9 +1228,13 @@
                     $suppanchor = $env{'form.anchor'};
                 }
                 my $esc_path=&escape(&HTML::Entities::encode(&escape($env{'form.folderpath'}),'<>&"'));
+                my $link = '/adm/coursedocs?command=direct&amp;forcesupplement=1&amp;supppath='.
+                           "$esc_path&amp;anchor=$suppanchor";
+                if ($env{'request.use_absolute'} ne '') {
+                    $link = $env{'request.use_absolute'}.$link;
+                }
                 &switch('','',7,4,'docs-22x22.png','Edit Folder','parms[_2]',
-                        "location.href='/adm/coursedocs?command=direct&amp;forcesupplement=1&amp;supppath=$esc_path&amp;anchor=$suppanchor'",
-                        'Folder/Page Content');
+                        "location.href='$link'",'Folder/Page Content');
             }
         }
     }
@@ -2114,11 +2125,11 @@
     }
     my ($privref,$gotsymb,$destsymb);
     my $destinationurl = $ENV{'REQUEST_URI'};
-    if ($destinationurl =~ /\?symb=/) {
+    if ($destinationurl =~ /(\?|\&)symb=/) {
         $gotsymb = 1;
     } elsif ($destinationurl =~ m{^/enc/}) {
         my $plainurl = &Apache::lonenc::unencrypted($destinationurl);
-        if ($plainurl =~ /\?symb=/) {
+        if ($plainurl =~ /(\?|\&)symb=/) {
             $gotsymb = 1;
         }
     }
Index: loncom/interface/lonnavmaps.pm
diff -u loncom/interface/lonnavmaps.pm:1.527 loncom/interface/lonnavmaps.pm:1.528
--- loncom/interface/lonnavmaps.pm:1.527	Sat Feb 18 23:39:16 2017
+++ loncom/interface/lonnavmaps.pm	Mon Feb 20 18:29:22 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Navigate Maps Handler
 #
-# $Id: lonnavmaps.pm,v 1.527 2017/02/18 23:39:16 raeburn Exp $
+# $Id: lonnavmaps.pm,v 1.528 2017/02/20 18:29:22 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1833,6 +1833,10 @@
             if ($env{'request.course.id'}) {
                 if (($src =~ m{^\Q/public/$cdom/$cnum/syllabus\E($|\?)}) && ($is_ssl) &&
                     ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
+                    my $hostname = $r->hostname();
+                    if ($hostname ne '') {
+                        $src = 'http://'.$hostname.$src;
+                    }
                     $src .= ($srcHasQuestion? '&amp;' : '?') . 'usehttp=1';
                     $srcHasQuestion = 1;
                 }
Index: loncom/interface/lonsyllabus.pm
diff -u loncom/interface/lonsyllabus.pm:1.142 loncom/interface/lonsyllabus.pm:1.143
--- loncom/interface/lonsyllabus.pm:1.142	Sat Feb 18 23:39:16 2017
+++ loncom/interface/lonsyllabus.pm	Mon Feb 20 18:29:23 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Syllabus
 #
-# $Id: lonsyllabus.pm,v 1.142 2017/02/18 23:39:16 raeburn Exp $
+# $Id: lonsyllabus.pm,v 1.143 2017/02/20 18:29:23 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -308,10 +308,12 @@
         if ($target ne 'tex') {
             my $protocol = $Apache::lonnet::protocol{$homeserver};
             $protocol = 'http' if ($protocol ne 'https');
-            my $link = $protocol.'://'.&Apache::lonnet::hostname($homeserver).$r->uri;
+            my $link = $r->uri;
             if (($protocol eq 'https') && ($external =~ m{^http://})) {
                 $link .= '?usehttp=1';
+                $protocol = 'http';
             }
+            $link = $protocol.'://'.&Apache::lonnet::hostname($homeserver).$link;
             $r->print('<div class="LC_left_float">'
                      .'<span class="LC_help_open_topic LC_info">'
                      .'<span class="LC_info">'
@@ -747,6 +749,7 @@
     if ($env{'form.only_body'}) {
         $args->{'only_body'} = 1;
     }
+    $args->{'hostname'} = $r->hostname();
     my $start_page =
         &Apache::loncommon::start_page("Syllabus", $rss_link.$js,$args);
     if ($start_page) {
Index: loncom/auth/lonroles.pm
diff -u loncom/auth/lonroles.pm:1.325 loncom/auth/lonroles.pm:1.326
--- loncom/auth/lonroles.pm:1.325	Sat Jan 28 03:48:52 2017
+++ loncom/auth/lonroles.pm	Mon Feb 20 18:29:28 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # User Roles Screen
 #
-# $Id: lonroles.pm,v 1.325 2017/01/28 03:48:52 raeburn Exp $
+# $Id: lonroles.pm,v 1.326 2017/02/20 18:29:28 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -674,6 +674,14 @@
                                                     }
                                                 }
                                             }
+                                            if ($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) {
+                                                if ($ENV{'SERVER_PORT'} == 443) {
+                                                    my $hostname = $r->hostname();
+                                                    if ($hostname ne '') {
+                                                        $dest = 'http://'.$hostname.$dest;
+                                                    }
+                                                }
+                                            }
                                             if ($dest =~ m{^/enc/}) {
                                                 if ($env{'request.role.adv'}) {
                                                     $dest = &Apache::lonenc::unencrypted($dest);
@@ -706,7 +714,7 @@
                                         unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) {
                                             if (($destsymb ne '') && ($destsymb !~ m{^/enc/})) {
                                                 my $esc_symb = &escape($destsymb);
-                                                $dest .= '?symb='.$esc_symb;
+                                                $dest .= (($dest =~/\?/)? '&':'?').'symb='.$esc_symb;
                                             }
                                         }
                                         &redirect_user($r, &mt('Entering [_1]',
Index: rat/lonpage.pm
diff -u rat/lonpage.pm:1.120 rat/lonpage.pm:1.121
--- rat/lonpage.pm:1.120	Sat Oct 29 05:49:28 2016
+++ rat/lonpage.pm	Mon Feb 20 18:29:33 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Page Handler
 #
-# $Id: lonpage.pm,v 1.120 2016/10/29 05:49:28 raeburn Exp $
+# $Id: lonpage.pm,v 1.121 2017/02/20 18:29:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -951,9 +951,11 @@
         my ($cfile,$home,$switchserver,$forceedit,$forceview) =
             &Apache::lonnet::can_edit_resource($file,$cnum,$cdom,$hash->{'src_'.$rid},$symb);
         if ($cfile ne '') {
+            my $hostname = $r->hostname();
             my $jscall = &Apache::lonhtmlcommon::jump_to_editres($cfile,$home,$switchserver,
                                                                  $forceedit,1,$symb,undef,
-                                                                 &escape($env{'form.title'}));
+                                                                 &escape($env{'form.title'}),
+                                                                 $hostname);
             if ($jscall) {
                 my $icon = 'pcstr.png';
                 my $label = &mt('Edit');
Index: rat/lonpageflip.pm
diff -u rat/lonpageflip.pm:1.92 rat/lonpageflip.pm:1.93
--- rat/lonpageflip.pm:1.92	Sat Feb 18 23:39:24 2017
+++ rat/lonpageflip.pm	Mon Feb 20 18:29:33 2017
@@ -2,7 +2,7 @@
 #
 # Page flip handler
 #
-# $Id: lonpageflip.pm,v 1.92 2017/02/18 23:39:24 raeburn Exp $
+# $Id: lonpageflip.pm,v 1.93 2017/02/20 18:29:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -245,7 +245,6 @@
 	    my ($newmapid,$newresid)=split(/\./,$newrid);
 	    my $symb=&Apache::lonnet::encode_symb($newmap,$newresid,$hash{'src_'.$newrid});
 	    $furl=&add_get_param($hash{'src_'.$newrid},{ 'symb' => $symb });
-            &check_for_syllabus(\$furl);
 	    if ($hash{'encrypted_'.$newrid}) {
 		$furl=&Apache::lonenc::encrypted($furl);
 	    }
@@ -283,6 +282,7 @@
 sub check_for_syllabus {
     my ($srcref) = @_;
     return unless (ref($srcref) eq 'SCALAR');
+    my $usehttp;
     if ($env{'request.course.id'}) {
         my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
         my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
@@ -290,8 +290,10 @@
             ($ENV{'SERVER_PORT'} == 443) &&
             ($env{'course.'.$env{'request.course.id'}.'.externalsyllabus'} =~ m{^http://})) {
             $$srcref .= (($$srcref =~/\?/)? '&':'?') . 'usehttp=1';
+            $usehttp = 1;
         }
     }
+    return $usehttp;
 }
 
 # ================================================================ Main Handler
@@ -331,9 +333,14 @@
           }
       } elsif ($direction eq 'firstanswerable') {
           my $furl = &first_answerable_ressymb();
+          my $usehttp = &check_for_syllabus(\$furl);
+          if ($usehttp) {
+              $furl='http://'.$ENV{'SERVER_NAME'}.$furl;
+          } else {
+              $furl=&Apache::lonnet::absolute_url().$furl;
+          }
           &Apache::loncommon::content_type($r,'text/html');
-          $r->header_out(Location =>
-                         &Apache::lonnet::absolute_url().$furl);
+          $r->header_out(Location => $furl);
           return REDIRECT;
       } elsif ($direction eq 'endplacement') {
           &Apache::loncommon::content_type($r,'text/html');
@@ -379,22 +386,26 @@
       }
       if ($direction eq 'firstres') {
 	  my $furl=&first_accessible_resource();
+          my $usehttp = &check_for_syllabus(\$furl);
+          if ($usehttp) {
+              $furl='http://'.$ENV{'SERVER_NAME'}.$furl;
+          } else {
+              $furl=&Apache::lonnet::absolute_url().$furl;
+          }
 	  &Apache::loncommon::content_type($r,'text/html');
-	  $r->header_out(Location => 
-			 &Apache::lonnet::absolute_url().$furl);
-	     
+	  $r->header_out(Location => $furl);
 	  return REDIRECT;
       }
       if ($direction eq 'return') { 
 # -------------------------------------------------------- Return to last known
-         my $newloc;
+         my ($newloc,$usehttp);
          if (($last) && (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'.db',
                         &GDBM_READER(),0640))) {
             my ($murl,$id,$fn)=&Apache::lonnet::decode_symb($last);
 	    $id=$hash{'map_pc_'.&Apache::lonnet::clutter($murl)}.'.'.$id;
 	    $newloc=$hash{'src_'.$id};
 	    if ($newloc) {
-                &check_for_syllabus(\$newloc);
+                $usehttp = &check_for_syllabus(\$newloc);
 		if ($hash{'encrypted_'.$id}) { 
                     $newloc=&Apache::lonenc::encrypted($newloc);
                 } elsif ($newloc =~ m{^(/adm/wrapper/ext/[^\#]+)\#([^\#]+)$}) {
@@ -407,10 +418,13 @@
          } else {
 	    $newloc='/adm/navmaps';
          }
+         if ($usehttp) {
+             $newloc='http://'.$ENV{'SERVER_NAME'}.$newloc;
+         } else {
+             $newloc=&Apache::lonnet::absolute_url().$newloc
+         }
 	 &Apache::loncommon::content_type($r,'text/html');
-	 $r->header_out(Location => 
-			&Apache::lonnet::absolute_url().$newloc);
-	     
+	 $r->header_out(Location => $newloc);
 	 return REDIRECT;
       }
 #
@@ -514,8 +528,12 @@
 # ------------------------------------- Check for and display critical messages
                   my ($redirect, $url) = &Apache::loncommon::critical_redirect(300);
                   unless ($redirect) {
-                      &check_for_syllabus(\$redirecturl);
-                      $url=&Apache::lonnet::absolute_url().$redirecturl;
+                      my $usehttp = &check_for_syllabus(\$redirecturl);
+                      if ($usehttp) {
+                          $url='http://'.$ENV{'SERVER_NAME'}.$redirecturl;
+                      } else {
+                          $url=&Apache::lonnet::absolute_url().$redirecturl;
+                      }
                       my $addanchor;
                       if (($anchor ne '') && (!$enc || $env{'request.role.adv'})) {
                           $addanchor = 1;
@@ -565,7 +583,10 @@
 ENDSTART
                      foreach my $id (@possibilities) {
                         my $src = $multichoicehash{'src_'.$id};
-                        &check_for_syllabus(\$src);
+                        my $usehttp = &check_for_syllabus(\$src);
+                        if ($usehttp) {
+                            $src = 'http://'.$ENV{'SERVER_NAME'}.$src;
+                        }
                         $r->print(
                               '<tr><td><a href="'.
 				  &add_get_param($src,

From damieng at source.lon-capa.org  Fri Feb 24 12:35:02 2017
From: damieng at source.lon-capa.org (damieng)
Date: Fri, 24 Feb 2017 17:35:02 -0000
Subject: [LON-CAPA-cvs] cvs: loncom / loncapa_apache.conf /homework
	daxeopen.pm
Message-ID: <cvsdamieng1487957702@cvsserver>

damieng		Fri Feb 24 17:35:02 2017 EDT

  Modified files:              
    /loncom/homework	daxeopen.pm 
    /loncom	loncapa_apache.conf 
  Log:
  improved Daxe chooser dialog navigation, adding /priv/, /priv/domain/, size and date modified for /res files
  
Index: loncom/homework/daxeopen.pm
diff -u loncom/homework/daxeopen.pm:1.5 loncom/homework/daxeopen.pm:1.6
--- loncom/homework/daxeopen.pm:1.5	Thu Feb 23 21:32:08 2017
+++ loncom/homework/daxeopen.pm	Fri Feb 24 17:34:55 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Opening converted problems and directory listings for Daxe
 #
-# $Id: daxeopen.pm,v 1.5 2017/02/23 21:32:08 damieng Exp $
+# $Id: daxeopen.pm,v 1.6 2017/02/24 17:34:55 damieng Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -50,7 +50,7 @@
     &Apache::loncommon::no_cache($request);
     if ($uri =~ /\/$/) {
         return directory_listing($uri, $request);
-    } elsif ($uri =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
+    } elsif ($uri =~ /^\/priv\/.*\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
         return convert_problem($uri, $request);
     } else {
         # Apache should send other files directly
@@ -62,6 +62,16 @@
 sub convert_problem {
     my ($uri, $request) = @_;
     
+    if ($uri =~ /^\/priv\/([^\/]+)\/([^\/]+)\//) {
+        my ($domain, $user) = ($1, $2);
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom || $user ne $uname) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+    }
     my $file = &Apache::lonnet::filelocation('', $uri);
     &Apache::lonnet::repcopy($file);
     if (! -e $file) {
@@ -96,17 +106,26 @@
     if ($uri eq '/') {
         # root: let users browse /res
         $res .= "<directory name=\"/\">\n";
+        $res .= "<directory name=\"priv\"/>\n";
         $res .= "<directory name=\"res\"/>\n";
     } elsif ($uri !~ /^\/(priv|res)\//) {
+        $request->content_type('text/plain');
+        $request->print("Not found: $uri");
         $request->status(404);
         return OK;
     } elsif ($uri =~ /^\/res\//) {
+        # NOTE: dirlist does not return an error for /res/idontexist/
 	(my $listref, $listerror) = &Apache::lonnet::dirlist($uri);
 	if ($listerror) {
             $request->content_type('text/plain');
             $request->print("listing error: $listerror");
             $request->status(406);
             return OK;
+	} elsif ($uri =~ /^\/res\/[^\/]+\/$/ && scalar(@{$listref}) == 0) {
+            $request->content_type('text/plain');
+            $request->print("Not found: $uri");
+            $request->status(404);
+            return OK;
 	}
         my $dirname = $uri;
         $dirname =~ s/^.*\/([^\/]*)$/$1/;
@@ -114,7 +133,7 @@
         if (ref($listref) eq 'ARRAY') {
             my @lines = @{$listref};
             foreach my $line (@lines) {
-                my ($path, $dom, undef, $testdir, undef, undef, undef, undef, undef, undef, undef, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16);
+                my ($path, $dom, undef, $testdir, undef, undef, undef, undef, $size, undef, $mtime, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16);
                 my $isdir = ($testdir & 16384) || $dom =~ /^(user|domain)$/;
                 $path =~ s/^\/home\/httpd\/html\/res\///;
                 next if $path eq '.' || $path eq '..';
@@ -137,13 +156,46 @@
                 if ($isdir) {
                     $res .= "<directory name=\"$name\"/>\n";
                 } else {
-                    $res .= "<file name=\"$name\"/>\n";
+                    my $dt = DateTime->from_epoch(epoch => $mtime);
+                    my $modified = $dt->iso8601().'Z';
+                    $res .= "<file name=\"$name\" size=\"$size\" modified=\"$modified\"/>\n";
                 }
             }
         }
-    } else {
+    } elsif ($uri eq '/priv/') {
+        my $udom = $env{'user.domain'};
+        if (!defined $udom) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+        $res .= "<directory name=\"priv\">\n";
+        $res .= "<directory name=\"$udom\"/>\n";
+    } elsif ($uri =~ /^\/priv\/([^\/]+)\/$/) {
+        my $domain = $1;
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
+        $res .= "<directory name=\"$domain\">\n";
+        $res .= "<directory name=\"$uname\"/>\n";
+    } elsif ($uri =~ /^\/priv\/([^\/]+)\/([^\/]+)\//) {
+        my ($domain, $user) = ($1, $2);
+        my ($uname, $udom) = ($env{'user.name'}, $env{'user.domain'});
+        if (!defined $uname || !defined $udom || $domain ne $udom || $user ne $uname) {
+            $request->content_type('text/plain');
+            $request->print("Forbidden URI: $uri");
+            $request->status(403);
+            return OK;
+        }
         my $dirpath = &Apache::lonnet::filelocation('', $uri);
         if (! -e $dirpath) {
+            $request->content_type('text/plain');
+            $request->print("Not found: $uri");
             $request->status(404);
             return OK;
         }
@@ -176,6 +228,11 @@
                 $res .= "/>\n";
             }
         }
+    } else {
+        $request->content_type('text/plain');
+        $request->print("Not found: $uri");
+        $request->status(404);
+        return OK;
     }
     $res .= "</directory>\n";
     &Apache::loncommon::content_type($request, 'text/xml', 'utf-8');
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.252 loncom/loncapa_apache.conf:1.253
--- loncom/loncapa_apache.conf:1.252	Thu Feb 23 21:32:15 2017
+++ loncom/loncapa_apache.conf	Fri Feb 24 17:35:01 2017
@@ -2,7 +2,7 @@
 ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
 ##
 
-# $Id: loncapa_apache.conf,v 1.252 2017/02/23 21:32:15 damieng Exp $
+# $Id: loncapa_apache.conf,v 1.253 2017/02/24 17:35:01 damieng Exp $
 
 #
 # LON-CAPA Section (extensions to httpd.conf daemon configuration)
@@ -469,7 +469,7 @@
 PerlHandler Apache::lonxml
 </LocationMatch>
 
-<LocationMatch "^/daxe(page|open)/priv/">
+<LocationMatch "^/daxepage/priv/">
 AuthType LONCAPA
 Require valid-user
 PerlAuthzHandler       Apache::loncacc
@@ -479,6 +479,12 @@
 ErrorDocument     500 /adm/errorhandler
 </LocationMatch>
 
+<LocationMatch "^/daxeopen/">
+AuthType LONCAPA
+Require valid-user
+PerlAuthzHandler       Apache::lonacc
+</LocationMatch>
+
 <LocationMatch "^/daxe(page|open)/uploaded/">
 AuthType LONCAPA
 Require valid-user
@@ -509,12 +515,7 @@
 PerlHandler Apache::daxeopen
 </LocationMatch>
 
-<LocationMatch "^/daxeopen/res/(.+/)?$">
-SetHandler perl-script
-PerlHandler Apache::daxeopen
-</LocationMatch>
-
-<LocationMatch "^/daxeopen/priv/.*/$">
+<LocationMatch "^/daxeopen/(res|priv)/(.+/)?$">
 SetHandler perl-script
 PerlHandler Apache::daxeopen
 </LocationMatch>



From raeburn at source.lon-capa.org  Sat Feb 25 14:56:09 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:56:09 -0000
Subject: [LON-CAPA-cvs] cvs: loncom /auth lonlogin.pm publiccheck.pm
Message-ID: <cvsraeburn1488052569@cvsserver>

raeburn		Sat Feb 25 19:56:09 2017 EDT

  Modified files:              
    /loncom/auth	publiccheck.pm lonlogin.pm 
  Log:
  - Name of cookie for public user set to lonPubID.
  
  
Index: loncom/auth/publiccheck.pm
diff -u loncom/auth/publiccheck.pm:1.25 loncom/auth/publiccheck.pm:1.26
--- loncom/auth/publiccheck.pm:1.25	Fri Feb 17 18:37:57 2017
+++ loncom/auth/publiccheck.pm	Sat Feb 25 19:56:09 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: publiccheck.pm,v 1.25 2017/02/17 18:37:57 raeburn Exp $
+# $Id: publiccheck.pm,v 1.26 2017/02/25 19:56:09 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -92,7 +92,7 @@
         my $cookie=&Apache::lonauth::success($r,'public','public','public');
         my $lonidsdir=$r->dir_config('lonIDsDir');
         &Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie);
-	$r->err_header_out('Set-cookie',"lonPublic=$cookie; path=/; HttpOnly");
+	$r->err_header_out('Set-cookie',"lonPubID=$cookie; path=/; HttpOnly");
     }
     &Apache::lonacc::get_posted_cgi($r);
     $env{'request.state'} = "published";
Index: loncom/auth/lonlogin.pm
diff -u loncom/auth/lonlogin.pm:1.169 loncom/auth/lonlogin.pm:1.170
--- loncom/auth/lonlogin.pm:1.169	Fri Feb 17 18:37:05 2017
+++ loncom/auth/lonlogin.pm	Sat Feb 25 19:56:09 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Login Screen
 #
-# $Id: lonlogin.pm,v 1.169 2017/02/17 18:37:05 raeburn Exp $
+# $Id: lonlogin.pm,v 1.170 2017/02/25 19:56:09 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -75,7 +75,7 @@
     &Apache::lonlocal::get_language_handle($r);
     &Apache::loncommon::content_type($r,'text/html');
     if ($expire) {
-        my $c = new CGI::Cookie(-name    => 'lonPublic',
+        my $c = new CGI::Cookie(-name    => 'lonPubID',
                                 -value   => '',
                                 -expires => '-10y',);
         $r->header_out('Set-cookie' => $c);



From raeburn at source.lon-capa.org  Sat Feb 25 14:48:34 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:48:34 -0000
Subject: [LON-CAPA-cvs] cvs: loncom /interface lonhtmlcommon.pm
Message-ID: <cvsraeburn1488052114@cvsserver>

raeburn		Sat Feb 25 19:48:34 2017 EDT

  Modified files:              
    /loncom/interface	lonhtmlcommon.pm 
  Log:
  - Accommodate case where Syllabus is included in Main Content, so $resurl is
    extracted from symb.
  - URL arg in go() item for "Edit" link is an absolute link, where a value has 
    set for $env{'request.use_absolute'}.
  
  
Index: loncom/interface/lonhtmlcommon.pm
diff -u loncom/interface/lonhtmlcommon.pm:1.381 loncom/interface/lonhtmlcommon.pm:1.382
--- loncom/interface/lonhtmlcommon.pm:1.381	Mon Feb 20 18:29:22 2017
+++ loncom/interface/lonhtmlcommon.pm	Sat Feb 25 19:48:33 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common html routines
 #
-# $Id: lonhtmlcommon.pm,v 1.381 2017/02/20 18:29:22 raeburn Exp $
+# $Id: lonhtmlcommon.pm,v 1.382 2017/02/25 19:48:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1902,7 +1902,7 @@
                     $env{'course.'.$env{'request.course.id'}.'.description'};
                 $no_mt_descr = 1;
                 if ($env{'request.noversionuri'} =~ 
-                    m{^/public/($match_domain)/($match_courseid)/syllabus$}) {
+                    m{^/?public/($match_domain)/($match_courseid)/syllabus$}) {
                     unless (($env{'course.'.$env{'request.course.id'}.'.domain'} eq $1) &&
                             ($env{'course.'.$env{'request.course.id'}.'.num'} eq $2)) {
                         $description = 'Menu';
@@ -3520,7 +3520,7 @@
             if ($cfile =~ m{^(/adm/wrapper/ext/[^#]+)#([^#]+)$}) {
                 $cfile = $1;
                 $anchor = $2;
-            } elsif ($cfile =~ m{^/public/($match_domain)/($match_courseid)/syllabus}) {
+            } elsif ($cfile =~ m{^/?public/($match_domain)/($match_courseid)/syllabus}) {
                 if ($ENV{'SERVER_PORT'} == 443) {
                     my ($cdom,$cnum) = ($1,$2);
                     if (($env{'request.course.id'}) &&
@@ -3560,14 +3560,16 @@
             }
             if ($forceedit) {
                 $cfile .= (($cfile=~/\?/)?'&amp;':'?').'forceedit=1';
-                if (($usehttps) && ($hostname ne '')) {
-                    $cfile = 'https://'.$hostname.$cfile;
+                if ($usehttps) {
+                    $cfile = $env{'request.use_absolute'}.(($cfile =~ /^\//)? '':'/').$cfile;
                 }
             } elsif ($usehttp) {
                 if ($hostname ne '') {
-                    $cfile = 'http://'.$hostname.$cfile;
+                    $cfile = 'http://'.$hostname.(($cfile =~ /^\//)? '':'/').$cfile;
                 }
                 $cfile .= (($cfile=~/\?/)?'&amp;':'?').'usehttp=1';
+            } elsif ($usehttps) {
+                $cfile = $env{'request.use_absolute'}.(($cfile =~ /^\//)? '':'/').$cfile;
             }
             if ($forcereg) {
                 $cfile .= (($cfile=~/\?/)?'&amp;':'?').'register=1';



From raeburn at source.lon-capa.org  Sat Feb 25 14:50:17 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:50:17 -0000
Subject: [LON-CAPA-cvs] cvs: loncom /interface loncommon.pm
Message-ID: <cvsraeburn1488052217@cvsserver>

raeburn		Sat Feb 25 19:50:17 2017 EDT

  Modified files:              
    /loncom/interface	loncommon.pm 
  Log:
  - Modify comment in init_user_environment
  - Coding style
  
  
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1274 loncom/interface/loncommon.pm:1.1275
--- loncom/interface/loncommon.pm:1.1274	Mon Feb 20 18:29:22 2017
+++ loncom/interface/loncommon.pm	Sat Feb 25 19:50:16 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # a pile of common routines
 #
-# $Id: loncommon.pm,v 1.1274 2017/02/20 18:29:22 raeburn Exp $
+# $Id: loncommon.pm,v 1.1275 2017/02/25 19:50:16 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -16015,8 +16015,6 @@
 
     my $public=($username eq 'public' && $domain eq 'public');
 
-# See if old ID present, if so, remove
-
     my ($filename,$cookie,$userroles,$firstaccenv,$timerintenv);
     my $now=time;
 
@@ -16038,7 +16036,8 @@
 	}
 	if (!$cookie) { $cookie="publicuser_$oldest"; }
     } else {
-	# if this isn't a robot, kill any existing non-robot sessions
+	# See if old ID present, if so, remove if this isn't a robot,
+	# killing any existing non-robot sessions
 	if (!$args->{'robot'}) {
 	    opendir(DIR,$lonids);
 	    while ($filename=readdir(DIR)) {
@@ -16078,8 +16077,7 @@
 
     my %userenv = &Apache::lonnet::dump('environment',$domain,$username);
     my ($tmp) = keys(%userenv);
-    if ($tmp !~ /^(con_lost|error|no_such_host)/i) {
-    } else {
+    if ($tmp =~ /^(con_lost|error|no_such_host)/i) {
 	undef(%userenv);
     }
     if (($userenv{'interface'}) && (!$form->{'interface'})) {



From raeburn at source.lon-capa.org  Sat Feb 25 14:39:10 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:39:10 -0000
Subject: [LON-CAPA-cvs] cvs: rat / lonwrapper.pm
Message-ID: <cvsraeburn1488051550@cvsserver>

raeburn		Sat Feb 25 19:39:10 2017 EDT

  Modified files:              
    /rat	lonwrapper.pm 
  Log:
  - Remove trailing white space.
  
  
Index: rat/lonwrapper.pm
diff -u rat/lonwrapper.pm:1.56 rat/lonwrapper.pm:1.57
--- rat/lonwrapper.pm:1.56	Tue Feb  7 02:07:28 2017
+++ rat/lonwrapper.pm	Sat Feb 25 19:39:10 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Wrapper for external and binary files as standalone resources
 #
-# $Id: lonwrapper.pm,v 1.56 2017/02/07 02:07:28 raeburn Exp $
+# $Id: lonwrapper.pm,v 1.57 2017/02/25 19:39:10 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -74,7 +74,7 @@
         $args->{'bread_crumbs'} = $brcrum;
     }
     if ($absolute) {
-        $args->{'use_absolute'} = $absolute; 
+        $args->{'use_absolute'} = $absolute;
     }
     if ($env{'form.only_body'}) {
         $args->{'only_body'} = $env{'form.only_body'};



From raeburn at source.lon-capa.org  Sat Feb 25 15:00:47 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 20:00:47 -0000
Subject: [LON-CAPA-cvs] cvs: loncom /auth lonauth.pm lonlogout.pm
	switchserver.pm /interface lonsupportreq.pm /lonnet/perl lonnet.pm
Message-ID: <cvsraeburn1488052847@cvsserver>

raeburn		Sat Feb 25 20:00:47 2017 EDT

  Modified files:              
    /loncom/auth	lonauth.pm lonlogout.pm switchserver.pm 
    /loncom/lonnet/perl	lonnet.pm 
    /loncom/interface	lonsupportreq.pm 
  Log:
  - Use 'secure' attribute for session cookie on servers using Apache/SSL.
  
  
-------------- next part --------------
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.142 loncom/auth/lonauth.pm:1.143
--- loncom/auth/lonauth.pm:1.142	Fri Feb 17 14:34:21 2017
+++ loncom/auth/lonauth.pm	Sat Feb 25 20:00:36 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # User Authentication Module
 #
-# $Id: lonauth.pm,v 1.142 2017/02/17 14:34:21 raeburn Exp $
+# $Id: lonauth.pm,v 1.143 2017/02/25 20:00:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -42,6 +42,7 @@
 use Apache::lonlocal;
 use Apache::File();
 use HTML::Entities;
+use Digest::MD5;
  
 # ------------------------------------------------------------ Successful login
 sub success {
@@ -72,8 +73,26 @@
         }
     }
 
-# ------------------------------------------------------------ Get cookie ready
-    $cookie="lonID=$cookie; path=/; HttpOnly";
+# ----------------------------------------------------------- Get cookies ready
+    my ($securecookie,$defaultcookie);
+    if ($ENV{'SERVER_PORT'} == 443) {
+        $securecookie="lonID=$cookie; path=/; HttpOnly; secure";
+        my $lonidsdir=$r->dir_config('lonIDsDir');
+        if (($lonidsdir) && (-e "$lonidsdir/$cookie.id")) {
+            my $linkname=substr(Digest::MD5::md5_hex(Digest::MD5::md5_hex(time(). {}. rand(). $$)), 0, 32).'_linked';
+            if (-e "$lonidsdir/$linkname.id") {
+                unlink("$lonidsdir/$linkname.id");
+            }
+            my $made_symlink = eval { symlink("$lonidsdir/$cookie.id",
+                                              "$lonidsdir/$linkname.id"); 1 };
+            if ($made_symlink) {
+                $defaultcookie = "lonLinkID=$linkname; path=/; HttpOnly;";
+                &Apache::lonnet::appenv({'user.linkedenv' => "$lonidsdir/$linkname.id"});
+            }
+        }
+    } else {
+        $defaultcookie = "lonID=$cookie; path=/; HttpOnly;";
+    }
 # -------------------------------------------------------- Menu script and info
     my $destination = $lowerurl;
 
@@ -152,7 +171,12 @@
 # ------------------------------------------------- Output for successful login
 
     &Apache::loncommon::content_type($r,'text/html');
-    $r->header_out('Set-cookie' => $cookie);
+    if ($securecookie) {
+        $r->headers_out->add('Set-cookie' => $securecookie);
+    }
+    if ($defaultcookie) {
+        $r->headers_out->add('Set-cookie' => $defaultcookie);
+    }
     $r->send_http_header;
 
     my %lt=&Apache::lonlocal::texthash(
Index: loncom/auth/lonlogout.pm
diff -u loncom/auth/lonlogout.pm:1.49 loncom/auth/lonlogout.pm:1.50
--- loncom/auth/lonlogout.pm:1.49	Thu Mar 12 00:50:10 2015
+++ loncom/auth/lonlogout.pm	Sat Feb 25 20:00:36 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Logout Handler
 #
-# $Id: lonlogout.pm,v 1.49 2015/03/12 00:50:10 raeburn Exp $
+# $Id: lonlogout.pm,v 1.50 2017/02/25 20:00:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -70,6 +70,13 @@
     my $lonidsdir=$r->dir_config('lonIDsDir');
     &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
     unlink("$lonidsdir/$handle.id");
+    if ($env{'user.linkedenv'} ne '') {
+        my $lonhost = $r->dir_config('lonHostID');
+        if ((-l $env{'user.linkedenv'}) && 
+            (readlink($env{'user.linkedenv'}) eq "$lonidsdir/$handle.id")) {
+            unlink($env{'user.linkedenv'});
+        }
+    }
     if (!$Apache::lonlocal::lh) {
         &Apache::lonlocal::get_language_handle($r);
     }
@@ -83,11 +90,20 @@
     &Apache::loncommon::content_type($r,'text/html');
 
     #expire the cookie
-    my $c = new CGI::Cookie(-name    => 'lonID',
+    my $name = 'lonID';
+    if (($env{'user.name'} eq 'public') && ($env{'user.domain'} eq 'public')) {
+        $name = 'lonPubID';
+    }
+    my $c = new CGI::Cookie(-name    => $name,
 			    -value   => '',
 			    -expires => '-10y',);
-    $r->header_out('Set-cookie' => $c);
-
+    $r->headers_out->add('Set-cookie' => $c);
+    if (($name eq 'lonID') && ($env{'user.linkeenv'})) {
+        my $other = new CGI::Cookie(-name    => 'lonLinkID',
+                                    -value   => '',
+                                    -expires => '-10y',);
+        $r->headers_out->add('Set-cookie' => $other);
+    }
     $r->send_http_header;
     return OK if $r->header_only;
 # -------------------------------------------------------- Menu script and info
Index: loncom/auth/switchserver.pm
diff -u loncom/auth/switchserver.pm:1.35 loncom/auth/switchserver.pm:1.36
--- loncom/auth/switchserver.pm:1.35	Fri Dec 16 15:31:11 2016
+++ loncom/auth/switchserver.pm	Sat Feb 25 20:00:36 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Switch Servers Handler
 #
-# $Id: switchserver.pm,v 1.35 2016/12/16 15:31:11 raeburn Exp $
+# $Id: switchserver.pm,v 1.36 2017/02/25 20:00:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -106,6 +106,12 @@
     if ($env{'user.name'} eq 'public'
 	&& $env{'user.domain'} eq 'public') {
 	my $url = $protocol.'://'.$switch_to.$r->uri;
+        unlink($handle);
+        #expire the cookie
+        my $c = new CGI::Cookie(-name    => 'lonPubID',
+                                -value   => '',
+                                -expires => '-10y',);
+        $r->header_out('Set-cookie' => $c);
 	return &do_redirect($r,$url,1)
     }
 
@@ -157,6 +163,13 @@
 
     #remove session env, and log event
     unlink($handle);
+    if ($env{'user.linkedenv'} ne '') {
+        my $lonidsdir=$r->dir_config('lonIDsDir');
+        if ((-l $env{'user.linkedenv'}) &&
+            (readlink($env{'user.linkedenv'}) eq "$lonidsdir/$handle.id")) {
+            unlink($env{'user.linkedenv'});
+        }
+    }
     my %temp=('switchserver' => time.':'.$env{'form.otherserver'},
 	      $env{'form.role'});
     &Apache::lonnet::put('email_status',\%temp);
@@ -176,7 +189,13 @@
     my $c = new CGI::Cookie(-name    => 'lonID',
 			    -value   => '',
 			    -expires => '-10y',);
-    $r->header_out('Set-cookie' => $c);
+    $r->headers_out->add('Set-cookie' => $c);
+    if ($env{'user.linkedenv'}) {
+        my $linked = new CGI::Cookie(-name    => 'lonLinkID',
+                                     -value   => '',
+                                     -expires => '-10y',);
+        $r->headers_out->add('Set-cookie' => $linked);
+    }
 
     if ($r->header_only) {
 	$r->send_http_header;
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.1336 loncom/lonnet/perl/lonnet.pm:1.1337
--- loncom/lonnet/perl/lonnet.pm:1.1336	Sat Jan 28 23:26:51 2017
+++ loncom/lonnet/perl/lonnet.pm	Sat Feb 25 20:00:41 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1336 2017/01/28 23:26:51 raeburn Exp $
+# $Id: lonnet.pm,v 1.1337 2017/02/25 20:00:41 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -650,10 +650,23 @@
 sub check_for_valid_session {
     my ($r,$name,$userhashref) = @_;
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+    my ($linkname,$pubname);
     if ($name eq '') {
         $name = 'lonID';
+        $linkname = 'lonLinkID';
+        $pubname = 'lonPubID';
     }
     my $lonid=$cookies{$name};
+    if (!$lonid) {
+        if (($name eq 'lonID') && ($ENV{'SERVER_PORT'} != 443) && ($linkname)) {
+            $lonid=$cookies{$linkname};
+        }
+        if (!$lonid) {
+            if (($name eq 'lonID') && ($pubname)) {
+                $lonid=$cookies{$pubname};
+            }
+        }
+    }
     return undef if (!$lonid);
 
     my $handle=&LONCAPA::clean_handle($lonid->value);
Index: loncom/interface/lonsupportreq.pm
diff -u loncom/interface/lonsupportreq.pm:1.90 loncom/interface/lonsupportreq.pm:1.91
--- loncom/interface/lonsupportreq.pm:1.90	Mon Jan 23 19:51:52 2017
+++ loncom/interface/lonsupportreq.pm	Sat Feb 25 20:00:47 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Helpdesk request form
 #
-# $Id: lonsupportreq.pm,v 1.90 2017/01/23 19:51:52 raeburn Exp $
+# $Id: lonsupportreq.pm,v 1.91 2017/02/25 20:00:47 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -657,7 +657,12 @@
     my @ENVvars = ('HTTP_HOST','HTTP_USER_AGENT','REMOTE_ADDR','SERVER_ADDR','SERVER_NAME');
     my @envvars = ('browser.os','browser.type','browser.version','user.home','request.role');
     my @loncvars = ('user.name','user.domain','request.course.sec','request.course.id');
-    my @cookievars = ('lonID');
+    my @cookievars;
+    if ($ENV{'SERVER_PORT'} == 443) {
+        @cookievars = ('lonLinkID');
+    } else {
+        @cookievars = ('lonID');
+    }
 
     my $admin = $Apache::lonnet::perlvar{'lonAdminMail'};
     my $origmail = $Apache::lonnet::perlvar{'lonSupportEMail'};
@@ -991,7 +996,9 @@
     if ($$cookie{'lonID'} =~ /lonID=($LONCAPA::handle_re);/) {
         $cookies{'lonID'} = $1;
     }
-
+    if ($$cookie{'lonLinkID'} =~ /lonLinkID=([a-f0-9]+_linked);/) {
+        $cookies{'lonLinkID'} = $1;
+    }
     if ($attachmentpath =~ m-/([^/]+)$-) {
         $fname = $1;
         $displaymsg .= '<br />'

From raeburn at source.lon-capa.org  Sat Feb 25 14:40:29 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:40:29 -0000
Subject: [LON-CAPA-cvs] cvs: rat / lonpageflip.pm
Message-ID: <cvsraeburn1488051629@cvsserver>

raeburn		Sat Feb 25 19:40:29 2017 EDT

  Modified files:              
    /rat	lonpageflip.pm 
  Log:
  - Use $r->hostname() instead of $ENV{'SERVER_NAME'}
  
  
Index: rat/lonpageflip.pm
diff -u rat/lonpageflip.pm:1.93 rat/lonpageflip.pm:1.94
--- rat/lonpageflip.pm:1.93	Mon Feb 20 18:29:33 2017
+++ rat/lonpageflip.pm	Sat Feb 25 19:40:29 2017
@@ -2,7 +2,7 @@
 #
 # Page flip handler
 #
-# $Id: lonpageflip.pm,v 1.93 2017/02/20 18:29:33 raeburn Exp $
+# $Id: lonpageflip.pm,v 1.94 2017/02/25 19:40:29 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -314,6 +314,7 @@
   my %multichoicehash=();
   my ($redirecturl,$redirectsymb,$enc,$anchor);
   my $next='';
+  my $hostname = $r->hostname();
   my @possibilities=();
    &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['postdata']);
   if (($env{'form.postdata'})&&($env{'request.course.fn'})) {
@@ -334,8 +335,8 @@
       } elsif ($direction eq 'firstanswerable') {
           my $furl = &first_answerable_ressymb();
           my $usehttp = &check_for_syllabus(\$furl);
-          if ($usehttp) {
-              $furl='http://'.$ENV{'SERVER_NAME'}.$furl;
+          if (($usehttp) && ($hostname ne '')) {
+              $furl='http://'.$hostname.$furl;
           } else {
               $furl=&Apache::lonnet::absolute_url().$furl;
           }
@@ -387,8 +388,8 @@
       if ($direction eq 'firstres') {
 	  my $furl=&first_accessible_resource();
           my $usehttp = &check_for_syllabus(\$furl);
-          if ($usehttp) {
-              $furl='http://'.$ENV{'SERVER_NAME'}.$furl;
+          if (($usehttp) && ($hostname ne '')) {
+              $furl='http://'.$hostname.$furl;
           } else {
               $furl=&Apache::lonnet::absolute_url().$furl;
           }
@@ -418,8 +419,8 @@
          } else {
 	    $newloc='/adm/navmaps';
          }
-         if ($usehttp) {
-             $newloc='http://'.$ENV{'SERVER_NAME'}.$newloc;
+         if (($usehttp) && ($hostname ne '')) {
+             $newloc='http://'.$hostname.$newloc;
          } else {
              $newloc=&Apache::lonnet::absolute_url().$newloc
          }
@@ -529,8 +530,8 @@
                   my ($redirect, $url) = &Apache::loncommon::critical_redirect(300);
                   unless ($redirect) {
                       my $usehttp = &check_for_syllabus(\$redirecturl);
-                      if ($usehttp) {
-                          $url='http://'.$ENV{'SERVER_NAME'}.$redirecturl;
+                      if (($usehttp) && ($hostname ne '')) {
+                          $url='http://'.$hostname.$redirecturl;
                       } else {
                           $url=&Apache::lonnet::absolute_url().$redirecturl;
                       }
@@ -584,8 +585,8 @@
                      foreach my $id (@possibilities) {
                         my $src = $multichoicehash{'src_'.$id};
                         my $usehttp = &check_for_syllabus(\$src);
-                        if ($usehttp) {
-                            $src = 'http://'.$ENV{'SERVER_NAME'}.$src;
+                        if (($usehttp) && ($hostname ne '')) {
+                            $src = 'http://'.$hostname.$src;
                         }
                         $r->print(
                               '<tr><td><a href="'.



From raeburn at source.lon-capa.org  Sat Feb 25 14:43:16 2017
From: raeburn at source.lon-capa.org (raeburn)
Date: Sat, 25 Feb 2017 19:43:16 -0000
Subject: [LON-CAPA-cvs] cvs: loncom /interface lonmenu.pm
Message-ID: <cvsraeburn1488051796@cvsserver>

raeburn		Sat Feb 25 19:43:16 2017 EDT

  Modified files:              
    /loncom/interface	lonmenu.pm 
  Log:
  - Accommodate case where Syllabus is included in Main Content, so $resurl is 
    extracted from symb.
  
  
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.468 loncom/interface/lonmenu.pm:1.469
--- loncom/interface/lonmenu.pm:1.468	Mon Feb 20 18:29:22 2017
+++ loncom/interface/lonmenu.pm	Sat Feb 25 19:43:16 2017
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Routines to control the menu
 #
-# $Id: lonmenu.pm,v 1.468 2017/02/20 18:29:22 raeburn Exp $
+# $Id: lonmenu.pm,v 1.469 2017/02/25 19:43:16 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1128,8 +1128,8 @@
 # This applies in course context
 #
         if (($perms{'mdc'}) &&
-            (($resurl eq "/public/$cdom/$cnum/syllabus") ||
-            ($resurl =~ m{^/uploaded/$cdom/$cnum/portfolio/syllabus/}))) {
+            (($resurl =~ m{^/?public/$cdom/$cnum/syllabus}) ||
+            ($resurl =~ m{^/?uploaded/$cdom/$cnum/portfolio/syllabus/}))) {
             $cfile = $resurl;
             $home = &Apache::lonnet::homeserver($cnum,$cdom);
             if ($env{'form.forceedit'}) {