From a6ab9c4a3e820b9d293075b1fec8b5eb05df87e9 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 16:42:58 -0500 Subject: [PATCH 1/7] Themes can be served from an SSL server --- lib/default.php | 3 ++- lib/theme.php | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/default.php b/lib/default.php index bf4b83718d..1a2cc4cf6d 100644 --- a/lib/default.php +++ b/lib/default.php @@ -123,7 +123,8 @@ $default = 'theme' => array('server' => null, 'dir' => null, - 'path'=> null), + 'path'=> null, + 'ssl' => false), 'javascript' => array('server' => null, 'path'=> null), diff --git a/lib/theme.php b/lib/theme.php index 020ce1ac40..bed631d9c0 100644 --- a/lib/theme.php +++ b/lib/theme.php @@ -110,9 +110,9 @@ class Theme $server = common_config('site', 'server'); } - // XXX: protocol + $protocol = common_config('theme', 'ssl') ? 'https' : 'http'; - $this->path = 'http://'.$server.$path.$name; + $this->path = $protocol . '://'.$server.$path.$name; } } From 316ed3f86b60150d66460b478bf7146811bb6bb1 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 16:47:47 -0500 Subject: [PATCH 2/7] null theme ssl setting means 'guess' --- README | 2 ++ lib/theme.php | 13 ++++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/README b/README index 9b4147645b..2b021b36ca 100644 --- a/README +++ b/README @@ -1221,6 +1221,8 @@ path: Path part of theme URLs, before the theme name. Relative to the (using version numbers as the path) to make sure that all files are reloaded by caching clients or proxies. Defaults to null, which means to use the site path + '/theme'. +ssl: Whether to use SSL for theme elements. Default is null, which means + guess based on site SSL settings. xmpp ---- diff --git a/lib/theme.php b/lib/theme.php index bed631d9c0..0be8c3b9df 100644 --- a/lib/theme.php +++ b/lib/theme.php @@ -110,7 +110,18 @@ class Theme $server = common_config('site', 'server'); } - $protocol = common_config('theme', 'ssl') ? 'https' : 'http'; + $ssl = common_config('theme', 'ssl'); + + if (is_null($ssl)) { // null -> guess + if (common_config('site', 'ssl') == 'always' && + !common_config('theme', 'server')) { + $ssl = true; + } else { + $ssl = false; + } + } + + $protocol = ($ssl) ? 'https' : 'http'; $this->path = $protocol . '://'.$server.$path.$name; } From 5175b5062ea7635016a392496e8495d03d71a4ae Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 16:48:15 -0500 Subject: [PATCH 3/7] default theme ssl to null --- lib/default.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/default.php b/lib/default.php index 1a2cc4cf6d..fd6831fa9b 100644 --- a/lib/default.php +++ b/lib/default.php @@ -124,7 +124,7 @@ $default = array('server' => null, 'dir' => null, 'path'=> null, - 'ssl' => false), + 'ssl' => null), 'javascript' => array('server' => null, 'path'=> null), From d6869cde7ba7e577d54f0c6ecab3599dc85f0f67 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 16:51:15 -0500 Subject: [PATCH 4/7] let avatars be served over SSL --- README | 2 ++ classes/Avatar.php | 15 +++++++++++++-- lib/default.php | 3 ++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/README b/README index 2b021b36ca..9843ab89bc 100644 --- a/README +++ b/README @@ -1192,6 +1192,8 @@ server: If set, defines another server where avatars are stored in the typically only make 2 connections to a single server at a time , so this can parallelize the job. Defaults to null. +ssl: Whether to access avatars using HTTPS. Defaults to null, meaning + to guess based on site-wide SSL settings. public ------ diff --git a/classes/Avatar.php b/classes/Avatar.php index 91bde0f040..dbe2cd8138 100644 --- a/classes/Avatar.php +++ b/classes/Avatar.php @@ -82,9 +82,20 @@ class Avatar extends Memcached_DataObject $server = common_config('site', 'server'); } - // XXX: protocol + $ssl = common_config('avatar', 'ssl'); - return 'http://'.$server.$path.$filename; + if (is_null($ssl)) { // null -> guess + if (common_config('site', 'ssl') == 'always' && + !common_config('avatar', 'server')) { + $ssl = true; + } else { + $ssl = false; + } + } + + $protocol = ($ssl) ? 'https' : 'http'; + + return $protocol.'://'.$server.$path.$filename; } function displayUrl() diff --git a/lib/default.php b/lib/default.php index fd6831fa9b..d19e040367 100644 --- a/lib/default.php +++ b/lib/default.php @@ -111,7 +111,8 @@ $default = 'avatar' => array('server' => null, 'dir' => INSTALLDIR . '/avatar/', - 'path' => $_path . '/avatar/'), + 'path' => $_path . '/avatar/', + 'ssl' => null), 'background' => array('server' => null, 'dir' => INSTALLDIR . '/background/', From b96af33d978bddfa66aa893ff1d59f2d83903afa Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 16:59:39 -0500 Subject: [PATCH 5/7] put Javascript files under SSL --- README | 11 +++++++++++ lib/default.php | 3 ++- lib/htmloutputter.php | 15 +++++++++++++-- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/README b/README index 9843ab89bc..7531df9971 100644 --- a/README +++ b/README @@ -1226,6 +1226,17 @@ path: Path part of theme URLs, before the theme name. Relative to the ssl: Whether to use SSL for theme elements. Default is null, which means guess based on site SSL settings. +javascript +---------- + +server: You can speed up page loading by pointing the + theme file lookup to another server (virtual or real). + Defaults to NULL, meaning to use the site server. +path: Path part of Javascript URLs. Defaults to null, + which means to use the site path + '/js/'. +ssl: Whether to use SSL for JavaScript files. Default is null, which means + guess based on site SSL settings. + xmpp ---- diff --git a/lib/default.php b/lib/default.php index d19e040367..8a21271b8f 100644 --- a/lib/default.php +++ b/lib/default.php @@ -128,7 +128,8 @@ $default = 'ssl' => null), 'javascript' => array('server' => null, - 'path'=> null), + 'path'=> null, + 'ssl' => null), 'throttle' => array('enabled' => false, // whether to throttle edits; false by default 'count' => 20, // number of allowed messages in timespan diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index 317f5ea612..47e56fc8f8 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -376,9 +376,20 @@ class HTMLOutputter extends XMLOutputter $server = common_config('site', 'server'); } - // XXX: protocol + $ssl = common_config('javascript', 'ssl'); - $src = 'http://'.$server.$path.$src . '?version=' . STATUSNET_VERSION; + if (is_null($ssl)) { // null -> guess + if (common_config('site', 'ssl') == 'always' && + !common_config('javascript', 'server')) { + $ssl = true; + } else { + $ssl = false; + } + } + + $protocol = ($ssl) ? 'https' : 'http'; + + $src = $protocol.'://'.$server.$path.$src . '?version=' . STATUSNET_VERSION; } $this->element('script', array('type' => $type, From 3018683718bd73bf00472622f9e81914703d50a7 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 17:03:31 -0500 Subject: [PATCH 6/7] let backgrounds be put under SSL --- README | 2 ++ classes/Design.php | 15 +++++++++++++-- lib/default.php | 3 ++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/README b/README index 7531df9971..3b2baaeebf 100644 --- a/README +++ b/README @@ -1521,6 +1521,8 @@ dir: directory to write backgrounds too. Default is '/background/' subdir of install dir. path: path to backgrounds. Default is sub-path of install path; note that you may need to change this if you change site-path too. +ssl: Whether or not to use HTTPS for background files. Defaults to + null, meaning to guess from site-wide SSL settings. ping ---- diff --git a/classes/Design.php b/classes/Design.php index 4e7d7dfb25..ff44e01096 100644 --- a/classes/Design.php +++ b/classes/Design.php @@ -155,9 +155,20 @@ class Design extends Memcached_DataObject $server = common_config('site', 'server'); } - // XXX: protocol + $ssl = common_config('background', 'ssl'); - return 'http://'.$server.$path.$filename; + if (is_null($ssl)) { // null -> guess + if (common_config('site', 'ssl') == 'always' && + !common_config('background', 'server')) { + $ssl = true; + } else { + $ssl = false; + } + } + + $protocol = ($ssl) ? 'https' : 'http'; + + return $protocol.'://'.$server.$path.$filename; } function setDisposition($on, $off, $tile) diff --git a/lib/default.php b/lib/default.php index 8a21271b8f..0822654f62 100644 --- a/lib/default.php +++ b/lib/default.php @@ -116,7 +116,8 @@ $default = 'background' => array('server' => null, 'dir' => INSTALLDIR . '/background/', - 'path' => $_path . '/background/'), + 'path' => $_path . '/background/', + 'ssl' => null), 'public' => array('localonly' => true, 'blacklist' => array(), From 31461e120f23416c8c4979805900e3018fb2a6fd Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 11 Feb 2010 17:06:57 -0500 Subject: [PATCH 7/7] let files go to SSL dir too --- README | 2 ++ classes/File.php | 15 +++++++++++++-- lib/default.php | 1 + 3 files changed, 16 insertions(+), 2 deletions(-) diff --git a/README b/README index 3b2baaeebf..75336eb83f 100644 --- a/README +++ b/README @@ -1462,6 +1462,8 @@ server: server name to use when creating URLs for uploaded files. a virtual server here can speed up Web performance. path: URL path, relative to the server, to find files. Defaults to main path + '/file/'. +ssl: whether to use HTTPS for file URLs. Defaults to null, meaning to + guess based on other SSL settings. filecommand: command to use for determining the type of a file. May be skipped if fileinfo extension is installed. Defaults to '/usr/bin/file'. diff --git a/classes/File.php b/classes/File.php index ee418a8024..91b12d2e28 100644 --- a/classes/File.php +++ b/classes/File.php @@ -228,9 +228,20 @@ class File extends Memcached_DataObject $server = common_config('site', 'server'); } - // XXX: protocol + $ssl = common_config('attachments', 'ssl'); - return 'http://'.$server.$path.$filename; + if (is_null($ssl)) { // null -> guess + if (common_config('site', 'ssl') == 'always' && + !common_config('attachments', 'server')) { + $ssl = true; + } else { + $ssl = false; + } + } + + $protocol = ($ssl) ? 'https' : 'http'; + + return $protocol.'://'.$server.$path.$filename; } } diff --git a/lib/default.php b/lib/default.php index 0822654f62..8b1fe27694 100644 --- a/lib/default.php +++ b/lib/default.php @@ -188,6 +188,7 @@ $default = array('server' => null, 'dir' => INSTALLDIR . '/file/', 'path' => $_path . '/file/', + 'ssl' => null, 'supported' => array('image/png', 'image/jpeg', 'image/gif',