From c6f98e6f729dde5bb8b85ce62946d047a5ca5791 Mon Sep 17 00:00:00 2001
From: Balazs Scheidler <bazsi@balabit.hu>
Date: Wed, 12 Mar 2014 18:17:00 +0100
Subject: cptools.SessionAuth: fix login_screen page handler

The login_screen page handler erroneously returned the formatted HTML page,
which was simply interpreted as a boolean that controls whether the call
to the controller function was suppressed or not.

Set the response.body instead and return a literal True that suppresses the
call to the page handler.

Signed-off-by: Balazs Scheidler <bazsi@balabit.hu>
---
 cherrypy/lib/cptools.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/cherrypy/lib/cptools.py b/cherrypy/lib/cptools.py
index 3fbfb62b..585599ce 100644
--- a/cherrypy/lib/cptools.py
+++ b/cherrypy/lib/cptools.py
@@ -370,7 +370,8 @@ Message: %(error_msg)s
         if path.endswith('login_screen'):
             if self.debug:
                 cherrypy.log('routing %r to login_screen' % path, 'TOOLS.SESSAUTH')
-            return self.login_screen(**request.params)
+            response.body = self.login_screen()
+            return True
         elif path.endswith('do_login'):
             if request.method != 'POST':
                 response.headers['Allow'] = "POST"
-- 
cgit v1.2.1