From 17dafa6a14dfb69939428aa5c96e2eed155e57ff Mon Sep 17 00:00:00 2001
From: Max Goodman <max@reddit.com>
Date: Tue, 4 Oct 2011 21:54:33 -0700
Subject: [PATCH] Handle JS-free POSTs in the login form.

---
 r2/r2/controllers/errors.py        |  3 +++
 r2/r2/controllers/post.py          | 20 +++++---------------
 r2/r2/templates/loginformwide.html |  2 +-
 3 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/r2/r2/controllers/errors.py b/r2/r2/controllers/errors.py
index 85a449d25..5e12f22c5 100644
--- a/r2/r2/controllers/errors.py
+++ b/r2/r2/controllers/errors.py
@@ -127,6 +127,9 @@ class ErrorSet(object):
     def __iter__(self):
         for x in self.errors:
             yield x
+
+    def __len__(self):
+        return len(self.errors)
         
     def add(self, error_name, msg_params = {}, field = None):
         msg = error_list[error_name]
diff --git a/r2/r2/controllers/post.py b/r2/r2/controllers/post.py
index 0d42d3a06..2fed932c5 100644
--- a/r2/r2/controllers/post.py
+++ b/r2/r2/controllers/post.py
@@ -20,6 +20,7 @@
 # CondeNet, Inc. All Rights Reserved.
 ################################################################################
 from r2.lib.pages import *
+from reddit_base import cross_domain
 from api import ApiController
 from r2.lib.utils import Storage, query_string, UrlParser
 from r2.lib.emailer import opt_in, opt_out
@@ -172,38 +173,27 @@ class PostController(ApiController):
                                            msg_hash = msg_hash)).render()
 
 
+    @cross_domain([g.origin, g.https_endpoint], allow_credentials=True)
     @validate(dest = VDestination(default = "/"))
     def POST_login(self, dest, *a, **kw):
         ApiController.POST_login(self, *a, **kw)
         c.render_style = "html"
         c.response_content_type = ""
 
-        errors = list(c.errors)
-        if errors:
-            for e in errors:
-                if not e[0].endswith("_login"):
-                    msg = c.errors[e].message
-                    c.errors.remove(e)
-                    c.errors.add(e[0], msg)
-
+        if c.errors:
             return LoginPage(user_login = request.post.get('user'),
                              dest = dest).render()
 
         return self.redirect(dest)
 
+    @cross_domain([g.origin, g.https_endpoint], allow_credentials=True)
     @validate(dest = VDestination(default = "/"))
     def POST_reg(self, dest, *a, **kw):
         ApiController.POST_register(self, *a, **kw)
         c.render_style = "html"
         c.response_content_type = ""
 
-        errors = list(c.errors)
-        if errors:
-            for e in errors:
-                if not e[0].endswith("_reg"):
-                    msg = c.errors[e].message
-                    c.errors.remove(e)
-                    c.errors.add(e[0], msg)
+        if c.errors:
             return LoginPage(user_reg = request.post.get('user'),
                              dest = dest).render()
 
diff --git a/r2/r2/templates/loginformwide.html b/r2/r2/templates/loginformwide.html
index 7ecb63fbd..d85abd6ef 100644
--- a/r2/r2/templates/loginformwide.html
+++ b/r2/r2/templates/loginformwide.html
@@ -29,7 +29,7 @@
 
 <% op = "login-main" %>
 <form method="post"
-      action="${add_sr(g.https_endpoint + '/post/' + op, nocname = True)}"
+      action="${add_sr(g.https_endpoint + '/post/login', nocname = True)}"
       id="login_${op}"
       class="login-form login-form-side">
   %if thing.cname: