Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a site that allows both HTTP and HTTPS...
This commit is contained in:
Mikael Nordfeldth
parent
dcf29c2a07
commit
ec257d940a
|
|
@ -417,8 +417,6 @@ class PathsAdminPanelForm extends AdminForm
|
|||
|
||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
||||
$ssl = array('never' => _('Never'),
|
||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
||||
'sometimes' => _('Sometimes'),
|
||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
||||
'always' => _('Always'));
|
||||
|
||||
|
|
|
|||
|
|
@ -187,16 +187,7 @@ class Avatar extends Managed_DataObject
|
|||
$server = common_config('site', 'server');
|
||||
}
|
||||
|
||||
$ssl = common_config('avatar', 'ssl');
|
||||
|
||||
if (is_null($ssl)) { // null -> guess
|
||||
if (common_config('site', 'ssl') == 'always' &&
|
||||
!common_config('avatar', 'server')) {
|
||||
$ssl = true;
|
||||
} else {
|
||||
$ssl = false;
|
||||
}
|
||||
}
|
||||
$ssl = (common_config('avatar', 'ssl') || GNUsocial::useHTTPS());
|
||||
|
||||
$protocol = ($ssl) ? 'https' : 'http';
|
||||
|
||||
|
|
|
|||
|
|
@ -350,7 +350,7 @@ STR;
|
|||
$fail = true;
|
||||
}
|
||||
|
||||
if (!in_array($this->ssl, array('never', 'sometimes', 'always'))) {
|
||||
if (!in_array($this->ssl, array('never', 'always'))) {
|
||||
$this->updateStatus("Bad value for server SSL enabling.");
|
||||
$fail = true;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -405,7 +405,7 @@ abstract class Installer
|
|||
'sitename' => $this->sitename,
|
||||
'server' => $this->server,
|
||||
'path' => $this->path,
|
||||
'ssl' => in_array($this->ssl, array('never', 'sometimes', 'always'))
|
||||
'ssl' => in_array($this->ssl, array('never', 'always'))
|
||||
? $this->ssl
|
||||
: 'never',
|
||||
'db_database' => $this->db['database'],
|
||||
|
|
|
|||
32
lib/util.php
32
lib/util.php
|
|
@ -354,7 +354,7 @@ function common_set_cookie($key, $value, $expiration=0)
|
|||
$expiration,
|
||||
$cookiepath,
|
||||
$server,
|
||||
common_config('site', 'ssl')=='always');
|
||||
GNUsocial::useHTTPS());
|
||||
}
|
||||
|
||||
define('REMEMBERME', 'rememberme');
|
||||
|
|
@ -1345,9 +1345,7 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
|
|||
$r = Router::get();
|
||||
$path = $r->build($action, $args, $params, $fragment);
|
||||
|
||||
$ssl = common_config('site', 'ssl') === 'always'
|
||||
|| GNUsocial::isHTTPS()
|
||||
|| common_is_sensitive($action);
|
||||
$ssl = GNUsocial::useHTTPS();
|
||||
|
||||
if (common_config('site','fancy')) {
|
||||
$url = common_path($path, $ssl, $addSession);
|
||||
|
|
@ -1363,35 +1361,11 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
|
|||
return $url;
|
||||
}
|
||||
|
||||
function common_is_sensitive($action)
|
||||
{
|
||||
static $sensitive = array(
|
||||
'login',
|
||||
'register',
|
||||
'passwordsettings',
|
||||
'api',
|
||||
'ApiOAuthRequestToken',
|
||||
'ApiOAuthAccessToken',
|
||||
'ApiOAuthAuthorize',
|
||||
'ApiOAuthPin',
|
||||
'showapplication'
|
||||
);
|
||||
$ssl = null;
|
||||
|
||||
if (Event::handle('SensitiveAction', array($action, &$ssl))) {
|
||||
$ssl = in_array($action, $sensitive);
|
||||
}
|
||||
|
||||
return $ssl;
|
||||
}
|
||||
|
||||
function common_path($relative, $ssl=false, $addSession=true)
|
||||
{
|
||||
$pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
|
||||
|
||||
if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
|
||||
|| GNUsocial::isHTTPS()
|
||||
|| common_config('site', 'ssl') === 'always') {
|
||||
if ($ssl && GNUsocial::useHTTPS()) {
|
||||
$proto = 'https';
|
||||
if (is_string(common_config('site', 'sslserver')) &&
|
||||
mb_strlen(common_config('site', 'sslserver')) > 0) {
|
||||
|
|
|
|||
|
|
@ -472,30 +472,6 @@ ENDOFSCRIPT;
|
|||
return true;
|
||||
}
|
||||
|
||||
/*
|
||||
* Use SSL for Facebook stuff
|
||||
*
|
||||
* @param string $action name
|
||||
* @param boolean $ssl outval to force SSL
|
||||
* @return mixed hook return value
|
||||
*/
|
||||
function onSensitiveAction($action, &$ssl)
|
||||
{
|
||||
$sensitive = array(
|
||||
'facebookadminpanel',
|
||||
'facebooksettings',
|
||||
'facebooklogin',
|
||||
'facebookfinishlogin'
|
||||
);
|
||||
|
||||
if (in_array($action, $sensitive)) {
|
||||
$ssl = true;
|
||||
return false;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* If a notice gets deleted, remove the Notice_to_item mapping and
|
||||
* delete the item on Facebook
|
||||
|
|
|
|||
|
|
@ -329,29 +329,6 @@ class OpenIDPlugin extends Plugin
|
|||
return parent::onAutoload($cls);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sensitive actions
|
||||
*
|
||||
* These actions should use https when SSL support is 'sometimes'
|
||||
*
|
||||
* @param Action $action Action to form an URL for
|
||||
* @param boolean &$ssl Whether to mark it for SSL
|
||||
*
|
||||
* @return boolean hook return
|
||||
*/
|
||||
function onSensitiveAction($action, &$ssl)
|
||||
{
|
||||
switch ($action)
|
||||
{
|
||||
case 'finishopenidlogin':
|
||||
case 'finishaddopenid':
|
||||
$ssl = true;
|
||||
return false;
|
||||
default:
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Login actions
|
||||
*
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ add "addPlugin('strictTransportSecurity');"
|
|||
to the bottom of your config.php
|
||||
|
||||
The plugin will not do anything unless:
|
||||
$config['site']['ssl'] is set to 'always'
|
||||
$config['site']['ssl'] is set to something other than 'never'
|
||||
$config['site']['path'] is either not set, empty, or '/'
|
||||
|
||||
Settings
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ class StrictTransportSecurityPlugin extends Plugin
|
|||
function onArgsInitialize($args)
|
||||
{
|
||||
$path = common_config('site', 'path');
|
||||
if(common_config('site', 'ssl') == 'always' && ($path == '/' || ! $path )) {
|
||||
if (GNUsocial::useHTTPS() && ($path == '/' || mb_strlen($path)==0 )) {
|
||||
header('Strict-Transport-Security: max-age=' . $this->max_age
|
||||
. ($this->includeSubDomains ? '; includeSubDomains' : '')
|
||||
. ($this->preloadToken ? '; preload' : ''));
|
||||
|
|
|
|||
|
|
@ -323,31 +323,6 @@ class TwitterBridgePlugin extends Plugin
|
|||
return (bool)$this->adminImportControl;
|
||||
}
|
||||
|
||||
/**
|
||||
* When the site is set to ssl=sometimes mode, we should make sure our
|
||||
* various auth-related pages are on SSL to keep things looking happy.
|
||||
* Although we're not submitting passwords directly, we do link out to
|
||||
* an authentication source and it's a lot happier if we've got some
|
||||
* protection against MitM.
|
||||
*
|
||||
* @param string $action name
|
||||
* @param boolean $ssl outval to force SSL
|
||||
* @return mixed hook return value
|
||||
*/
|
||||
function onSensitiveAction($action, &$ssl)
|
||||
{
|
||||
$sensitive = array('twitteradminpanel',
|
||||
'twittersettings',
|
||||
'twitterauthorization',
|
||||
'twitterlogin');
|
||||
if (in_array($action, $sensitive)) {
|
||||
$ssl = true;
|
||||
return false;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Database schema setup
|
||||
*
|
||||
|
|
|
|||
|
|
@ -161,7 +161,7 @@ install_cli.php - StatusNet command-line installer
|
|||
--sitename User-friendly site name (required)
|
||||
--fancy Whether to use fancy URLs (default no)
|
||||
--ssl Server SSL enabled (default never),
|
||||
[never | sometimes | always]
|
||||
[never | always]
|
||||
|
||||
--dbtype 'mysql' (default) or 'pgsql'
|
||||
--host Database hostname (required)
|
||||
|
|
|
|||
Loading…
Reference in New Issue