From f83b81b8c476229e1488571b641fa314180d81aa Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Wed, 23 Mar 2016 15:21:02 +0100 Subject: [PATCH] Change config webfinger/http_alias to fix/legacy_http Set $config['fix']['legacy_http'] to perform some actions that are needed if your site used to be served over http but now has upgraded to https! --- lib/default.php | 1 + plugins/WebFinger/WebFingerPlugin.php | 7 ------- plugins/WebFinger/lib/webfingerresource.php | 2 +- 3 files changed, 2 insertions(+), 8 deletions(-) diff --git a/lib/default.php b/lib/default.php index bf2d37d773..5c99d824dc 100644 --- a/lib/default.php +++ b/lib/default.php @@ -83,6 +83,7 @@ $default = 'mysql_foreign_keys' => false), // if set, enables experimental foreign key support on MySQL 'fix' => array('fancyurls' => true, // makes sure aliases in WebFinger etc. are not f'd by index.php/ URLs + 'legacy_http' => false, // set this to true if you have upgraded your site from http=>https ), 'syslog' => array('appname' => 'statusnet', # for syslog diff --git a/plugins/WebFinger/WebFingerPlugin.php b/plugins/WebFinger/WebFingerPlugin.php index d902947d93..5f686434f3 100644 --- a/plugins/WebFinger/WebFingerPlugin.php +++ b/plugins/WebFinger/WebFingerPlugin.php @@ -35,13 +35,6 @@ class WebFingerPlugin extends Plugin const OAUTH_REQUEST_TOKEN_REL = 'http://apinamespace.org/oauth/request_token'; const OAUTH_AUTHORIZE_REL = 'http://apinamespace.org/oauth/authorize'; - public $http_alias = false; - - public function initialize() - { - common_config_set('webfinger', 'http_alias', $this->http_alias); - } - public function onRouterInitialized($m) { $m->connect('.well-known/host-meta', array('action' => 'hostmeta')); diff --git a/plugins/WebFinger/lib/webfingerresource.php b/plugins/WebFinger/lib/webfingerresource.php index b7bace36d2..e4f14b13d5 100644 --- a/plugins/WebFinger/lib/webfingerresource.php +++ b/plugins/WebFinger/lib/webfingerresource.php @@ -37,7 +37,7 @@ abstract class WebFingerResource // (because remote sites look for it) verify that they are still // the same identity as they were on HTTP. Should NOT be used if // you've run HTTPS all the time! - if (common_config('webfinger', 'http_alias')) { + if (common_config('fix', 'legacy_http')) { foreach ($aliases as $alias=>$id) { if (!strtolower(parse_url($alias, PHP_URL_SCHEME)) === 'https') { continue;