Support SSL for some, all, or no pages
Support SSL URLs either for all pages; no pages; or for sensitive pages accepting passwords, like login, registration, API, and others.
This commit is contained in:
parent
47b89aa2c3
commit
e149f3d64b
10
README
10
README
@ -925,6 +925,16 @@ dupelimit: Time in which it's not OK for the same person to post the
|
||||
same notice; default = 60 seconds.
|
||||
logo: URL of an image file to use as the logo for the site. Overrides
|
||||
the logo in the theme, if any.
|
||||
ssl: Whether to use SSL and https:// URLs for some or all pages.
|
||||
Possible values are 'always' (use it for all pages), 'never'
|
||||
(don't use it for any pages), or 'sometimes' (use it for
|
||||
sensitive pages that include passwords like login and registration,
|
||||
but not for regular pages). Default to 'never'.
|
||||
sslserver: use an alternate server name for SSL URLs, like
|
||||
'secure.example.org'. You should be careful to set cookie
|
||||
parameters correctly so that both the SSL server and the
|
||||
"normal" server can access the session cookie and
|
||||
preferably other cookies as well.
|
||||
|
||||
db
|
||||
--
|
||||
|
@ -174,3 +174,13 @@ $config['sphinx']['port'] = 3312;
|
||||
#http://taguri.org/ Examples:
|
||||
#$config['integration']['taguri'] = 'example.net,2008';
|
||||
#$config['integration']['taguri'] = 'admin@example.net,2009-03-09'
|
||||
|
||||
#Don't use SSL
|
||||
#$config['site']['ssl'] = 'never';
|
||||
#Use SSL only for sensitive pages (like login, password change)
|
||||
#$config['site']['ssl'] = 'sometimes';
|
||||
#Use SSL for all pages
|
||||
#$config['site']['ssl'] = 'always';
|
||||
|
||||
#Use a different hostname for SSL-encrypted pages
|
||||
#$config['site']['sslserver'] = 'secure.example.org';
|
||||
|
@ -87,6 +87,8 @@ $config =
|
||||
'closed' => false,
|
||||
'inviteonly' => false,
|
||||
'private' => false,
|
||||
'ssl' => 'never',
|
||||
'sslserver' => null,
|
||||
'dupelimit' => 60), # default for same person saying the same thing
|
||||
'syslog' =>
|
||||
array('appname' => 'laconica', # for syslog
|
||||
|
31
lib/util.php
31
lib/util.php
@ -721,25 +721,46 @@ function common_relative_profile($sender, $nickname, $dt=null)
|
||||
|
||||
function common_local_url($action, $args=null, $params=null, $fragment=null)
|
||||
{
|
||||
static $sensitive = array('login', 'register', 'passwordsettings',
|
||||
'twittersettings', 'finishopenidlogin',
|
||||
'api');
|
||||
|
||||
$r = Router::get();
|
||||
$path = $r->build($action, $args, $params, $fragment);
|
||||
|
||||
$ssl = in_array($action, $sensitive);
|
||||
|
||||
if (common_config('site','fancy')) {
|
||||
$url = common_path(mb_substr($path, 1));
|
||||
$url = common_path(mb_substr($path, 1), $ssl);
|
||||
} else {
|
||||
if (mb_strpos($path, '/index.php') === 0) {
|
||||
$url = common_path(mb_substr($path, 1));
|
||||
$url = common_path(mb_substr($path, 1), $ssl);
|
||||
} else {
|
||||
$url = common_path('index.php'.$path);
|
||||
$url = common_path('index.php'.$path, $ssl);
|
||||
}
|
||||
}
|
||||
return $url;
|
||||
}
|
||||
|
||||
function common_path($relative)
|
||||
function common_path($relative, $ssl=false)
|
||||
{
|
||||
$pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
|
||||
return "http://".common_config('site', 'server').'/'.$pathpart.$relative;
|
||||
|
||||
if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
|
||||
|| common_config('site', 'ssl') === 'always') {
|
||||
$proto = 'https';
|
||||
if (is_string(common_config('site', 'sslserver')) &&
|
||||
mb_strlen(common_config('site', 'sslserver')) > 0) {
|
||||
$serverpart = common_config('site', 'sslserver');
|
||||
} else {
|
||||
$serverpart = common_config('site', 'server');
|
||||
}
|
||||
} else {
|
||||
$proto = 'http';
|
||||
$serverpart = common_config('site', 'server');
|
||||
}
|
||||
|
||||
return $proto.'://'.$serverpart.'/'.$pathpart.$relative;
|
||||
}
|
||||
|
||||
function common_date_string($dt)
|
||||
|
Loading…
Reference in New Issue
Block a user