--- loncom/auth/lonacc.pm	2019/08/01 02:51:45	1.159.2.8
+++ loncom/auth/lonacc.pm	2018/11/24 16:19:04	1.171
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.159.2.8 2019/08/01 02:51:45 raeburn Exp $
+# $Id: lonacc.pm,v 1.171 2018/11/24 16:19:04 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -202,6 +202,14 @@ sub get_posted_cgi {
 			$fname='';
 			$fmime='';
 		    }
+                    if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) {
+                        # TODO: something with $1 !
+                        $i++;
+                    }
+                    if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) {
+                        # TODO: something with $1 !
+                        $i++;
+                    }
 		    $i++;
 		}
 	    } else {
@@ -369,7 +377,7 @@ sub sso_login {
 	} else {
 	    # need to login them in, so generate the need data that
 	    # migrate expects to do login
-            my $ip = $r->get_remote_host();
+	    my $ip = $r->get_remote_host();
 	    my %info=('ip'        => $ip,
 		      'domain'    => $domain,
 		      'username'  => $user,
@@ -501,7 +509,7 @@ sub handler {
                 my $preserved;
                 foreach my $pair (split(/&/,$query)) {
                     my ($name, $value) = split(/=/,$pair);
-                    unless (($name eq 'symb') || ($name eq 'usehttp')) {
+                    unless ($name eq 'symb') {
                         $preserved .= $pair.'&';
                     }
                     if (($env{'request.course.id'}) && ($name eq 'folderpath')) {
@@ -520,7 +528,8 @@ sub handler {
             }
         } elsif ($env{'request.course.id'} &&
                  (($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) ||
-                  ($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {
+                  ($requrl eq "/public/$cdom/$cnum/syllabus") ||
+                  ($requrl =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}))) {
             my $query = $r->args;
             if ($query) {
                 foreach my $pair (split(/&/,$query)) {
@@ -589,7 +598,9 @@ sub handler {
                 $env{'form.origurl'} = $r->uri;
             }
         }
-
+        if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) {
+            return OK;
+        }
 # ---------------------------------------------------------------- Check access
 	my $now = time;
 	if ($requrl !~ m{^/(?:adm|public|prtspool)/}
@@ -679,7 +690,8 @@ sub handler {
 		($requrl=~m|\.problem/smpedit$|) ||
 		($requrl=~/^\/public\/.*\/syllabus$/) ||
                 ($requrl=~/^\/adm\/(viewclasslist|navmaps)$/) ||
-                ($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/)) {
+                ($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?|$)/) ||
+                ($requrl=~m{^/adm/$cdom/$cnum/\d+/ext\.tool$})) {
 # ------------------------------------- This is serious stuff, get symb and log
 		my $symb;
 		if ($query) {
@@ -774,7 +786,7 @@ sub handler {
 # ------------------------------------ See if this is a viewable portfolio file
     if (&Apache::lonnet::is_portfolio_url($requrl)) {
         my $clientip = $r->get_remote_host();
-	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
+        my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
 	if ($access eq 'A') {
 	    &Apache::restrictedaccess::setup_handler($r);
 	    return OK;