From 559e3e22adfd07d8c4f34a3b2c035dfb4c7e675b Mon Sep 17 00:00:00 2001
From: kdh0120 <kdh0120  @example.com>
Date: Wed, 10 Nov 2021 23:43:11 +0000
Subject: [PATCH] =?UTF-8?q?<=EA=B8=B0=EB=8A=A5=EA=B0=9C=EC=84=A0>=20--=20h?=
 =?UTF-8?q?ttp=20=EA=B4=80=EB=A0=A8=20=EA=B0=9C=EC=84=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 BO/Controllers/BOBaseController.cs       |  3 ++-
 Base/Controller/BasePartialController.cs | 31 +++++++++++++++++++-----
 2 files changed, 27 insertions(+), 7 deletions(-)

diff --git a/BO/Controllers/BOBaseController.cs b/BO/Controllers/BOBaseController.cs
index 282e17a..2c5bba4 100644
--- a/BO/Controllers/BOBaseController.cs
+++ b/BO/Controllers/BOBaseController.cs
@@ -28,7 +28,8 @@ namespace NP.BO.Controllers
             ViewBag.IsSubAdmin97 = SUserInfo.IsSubAdmin97;
 
             //로그인을 위해서 다 https로 돌림
-            if (!Request.IsSecureConnection && GetConfig("usessl") == "Y")
+            if (!Request.IsSecureConnection && GetConfig("usessl") == "Y" 
+                && (!Request.Url.AbsolutePath.ToUpper().StartsWith("/ACCOUNT/")))
             {
                 filterContext.Result = new RedirectResult("https://" + Request.Url.Host + Request.Url.PathAndQuery);
             }
diff --git a/Base/Controller/BasePartialController.cs b/Base/Controller/BasePartialController.cs
index 235ba5f..deb8894 100644
--- a/Base/Controller/BasePartialController.cs
+++ b/Base/Controller/BasePartialController.cs
@@ -41,6 +41,19 @@ namespace NP.Base
         public const String SUIFCROOM = "NPTECHSUIFCROOM";
         public const String SUIFTCROOM = "NPTECHSUIFTCROOM";        
         private const String SUIDATE = "190517";
+        private bool? securev = null;
+
+        private bool IsSecure
+        {
+            get
+            {
+                if(securev == null)
+                {
+                    securev = GetConfig("usessl") == "Y";
+                }
+                return securev.Value;
+            }
+        }
 
         public NP.Model.SSUserInfo SUserInfo = new Model.SSUserInfo(); 
         public void SSClear()
@@ -913,13 +926,19 @@ namespace NP.Base
                 SUserInfo.UserInfo + "$" +
                 SUserInfo.LoginKey + "$" +
                 DateTime.Now.ToString("yyMMddHHmmss") + "$" +
-                SUserInfo.LoginIP) + ";SameSite=None");
-            c.Secure = true;
-            c.HttpOnly = true;
+                SUserInfo.LoginIP) + (IsSecure ? ";SameSite=None" : ""));
+            if (IsSecure)
+            {
+                c.Secure = true;
+                c.HttpOnly = true;
+            }
             Response.Cookies.Add(c);
-            var c2 = new System.Web.HttpCookie(TopMenuNo == 1 ? SUIT : SUIFT, EncString(DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")) + ";SameSite=None");
-            c2.Secure = true;
-            c2.HttpOnly = true;
+            var c2 = new System.Web.HttpCookie(TopMenuNo == 1 ? SUIT : SUIFT, EncString(DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss")) + (IsSecure ? ";SameSite=None" : ""));
+            if (IsSecure)
+            {
+                c2.Secure = true;
+                c2.HttpOnly = true;
+            }
             Response.Cookies.Add(c2);
             if (isFront)
             {