Either use or don't use HTTPS
The risk of injection attacks over plain HTTP is too great to permit a site that serves both HTTP and HTTPS...
parent
dcf29c2a07
commit
ec257d940a
@ -417,8 +417,6 @@ class PathsAdminPanelForm extends AdminForm
|
|||||||
|
|
||||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
||||||
$ssl = array('never' => _('Never'),
|
$ssl = array('never' => _('Never'),
|
||||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
|
||||||
'sometimes' => _('Sometimes'),
|
|
||||||
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
// TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
|
||||||
'always' => _('Always'));
|
'always' => _('Always'));
|
||||||
|
|
||||||
|
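Review bot: Removing 'sometimes' from the drop-down does not migrate installations whose config.php still sets `$config['site']['ssl'] = 'sometimes'`; how `GNUsocial::useHTTPS()` interprets that legacy value is not visible here, and the panel's save/validation path (outside this hunk) should reject it explicitly rather than rely on the option merely being absent from the form. A one-line comment above the array would make the intent survive the next refactor: `// 'sometimes' was removed on purpose: a site is either all-HTTPS or all-HTTP (see GNUsocial::useHTTPS()).` The enclosing form method starts and ends outside the hunk.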
@ -187,16 +187,7 @@ class Avatar extends Managed_DataObject
|
|||||||
$server = common_config('site', 'server');
|
$server = common_config('site', 'server');
|
||||||
}
|
}
|
||||||
|
|
||||||
$ssl = common_config('avatar', 'ssl');
|
$ssl = (common_config('avatar', 'ssl') || GNUsocial::useHTTPS());
|
||||||
|
|
||||||
if (is_null($ssl)) { // null -> guess
|
|
||||||
if (common_config('site', 'ssl') == 'always' &&
|
|
||||||
!common_config('avatar', 'server')) {
|
|
||||||
$ssl = true;
|
|
||||||
} else {
|
|
||||||
$ssl = false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$protocol = ($ssl) ? 'https' : 'http';
|
$protocol = ($ssl) ? 'https' : 'http';
|
||||||
|
|
||||||
|
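Review bot: The new assignment drops the old guard that only forced https when no separate `avatar.server` was configured, and it also makes an explicit `avatar.ssl = false` unreachable on an HTTPS site, since `false || GNUsocial::useHTTPS()` is true. That is defensible — an http:// avatar on an HTTPS page is blocked as mixed content anyway — but it is a silent override of a config value, so say so in a comment: `// On an HTTPS-only site avatar URLs are always https (mixed content is blocked); avatar.ssl can only force https, never opt out.` A site whose separate avatar server has no TLS will now emit unreachable https:// avatar URLs, which the `avatar.server` config docs should call out. The enclosing method starts and ends outside this hunk.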
@ -350,7 +350,7 @@ STR;
|
|||||||
$fail = true;
|
$fail = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!in_array($this->ssl, array('never', 'sometimes', 'always'))) {
|
if (!in_array($this->ssl, array('never', 'always'))) {
|
||||||
$this->updateStatus("Bad value for server SSL enabling.");
|
$this->updateStatus("Bad value for server SSL enabling.");
|
||||||
$fail = true;
|
$fail = true;
|
||||||
}
|
}
|
||||||
|
@ -405,7 +405,7 @@ abstract class Installer
|
|||||||
'sitename' => $this->sitename,
|
'sitename' => $this->sitename,
|
||||||
'server' => $this->server,
|
'server' => $this->server,
|
||||||
'path' => $this->path,
|
'path' => $this->path,
|
||||||
'ssl' => in_array($this->ssl, array('never', 'sometimes', 'always'))
|
'ssl' => in_array($this->ssl, array('never', 'always'))
|
||||||
? $this->ssl
|
? $this->ssl
|
||||||
: 'never',
|
: 'never',
|
||||||
'db_database' => $this->db['database'],
|
'db_database' => $this->db['database'],
|
||||||
|
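Review bot: The allowed-values list `array('never', 'always')` is now duplicated between the validation hunk and the config-writing hunk, so the next change has to be made in two places; lift it to one place on the Installer class (a constant or private static array, e.g. `static $sslModes = array('never', 'always');`) and compare strictly: `in_array($this->ssl, self::$sslModes, true)`. The writer hunk still silently falls back to `'never'` — the insecure choice — for an unrecognised value; that path is unreachable only if the validation hunk always runs first, which is not visible here, so a short comment on the fallback would help. Both enclosing methods start and end outside these hunks.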
32
lib/util.php
32
lib/util.php
@ -354,7 +354,7 @@ function common_set_cookie($key, $value, $expiration=0)
|
|||||||
$expiration,
|
$expiration,
|
||||||
$cookiepath,
|
$cookiepath,
|
||||||
$server,
|
$server,
|
||||||
common_config('site', 'ssl')=='always');
|
GNUsocial::useHTTPS());
|
||||||
}
|
}
|
||||||
|
|
||||||
define('REMEMBERME', 'rememberme');
|
define('REMEMBERME', 'rememberme');
|
||||||
@ -1345,9 +1345,7 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
|
|||||||
$r = Router::get();
|
$r = Router::get();
|
||||||
$path = $r->build($action, $args, $params, $fragment);
|
$path = $r->build($action, $args, $params, $fragment);
|
||||||
|
|
||||||
$ssl = common_config('site', 'ssl') === 'always'
|
$ssl = GNUsocial::useHTTPS();
|
||||||
|| GNUsocial::isHTTPS()
|
|
||||||
|| common_is_sensitive($action);
|
|
||||||
|
|
||||||
if (common_config('site','fancy')) {
|
if (common_config('site','fancy')) {
|
||||||
$url = common_path($path, $ssl, $addSession);
|
$url = common_path($path, $ssl, $addSession);
|
||||||
@ -1363,35 +1361,11 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
|
|||||||
return $url;
|
return $url;
|
||||||
}
|
}
|
||||||
|
|
||||||
function common_is_sensitive($action)
|
|
||||||
{
|
|
||||||
static $sensitive = array(
|
|
||||||
'login',
|
|
||||||
'register',
|
|
||||||
'passwordsettings',
|
|
||||||
'api',
|
|
||||||
'ApiOAuthRequestToken',
|
|
||||||
'ApiOAuthAccessToken',
|
|
||||||
'ApiOAuthAuthorize',
|
|
||||||
'ApiOAuthPin',
|
|
||||||
'showapplication'
|
|
||||||
);
|
|
||||||
$ssl = null;
|
|
||||||
|
|
||||||
if (Event::handle('SensitiveAction', array($action, &$ssl))) {
|
|
||||||
$ssl = in_array($action, $sensitive);
|
|
||||||
}
|
|
||||||
|
|
||||||
return $ssl;
|
|
||||||
}
|
|
||||||
|
|
||||||
function common_path($relative, $ssl=false, $addSession=true)
|
function common_path($relative, $ssl=false, $addSession=true)
|
||||||
{
|
{
|
||||||
$pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
|
$pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
|
||||||
|
|
||||||
if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
|
if ($ssl && GNUsocial::useHTTPS()) {
|
||||||
|| GNUsocial::isHTTPS()
|
|
||||||
|| common_config('site', 'ssl') === 'always') {
|
|
||||||
$proto = 'https';
|
$proto = 'https';
|
||||||
if (is_string(common_config('site', 'sslserver')) &&
|
if (is_string(common_config('site', 'sslserver')) &&
|
||||||
mb_strlen(common_config('site', 'sslserver')) > 0) {
|
mb_strlen(common_config('site', 'sslserver')) > 0) {
|
||||||
|
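Review bot: The rewritten condition in `common_path` now requires the `$ssl` argument to be truthy before it emits https, whereas the old condition forced https whenever `site.ssl` was `'always'` regardless of `$ssl`; because `$ssl` defaults to `false`, any caller that invokes `common_path($relative)` without the flag now gets an `http://` URL on an HTTPS-only site, which is exactly the mixed-scheme case this commit sets out to remove. `common_local_url` is unaffected only because it now passes `GNUsocial::useHTTPS()` as `$ssl`. Make the scheme depend on the site setting alone, `if (GNUsocial::useHTTPS()) {`, and keep the `$ssl` parameter for source compatibility with a comment that it no longer selects the scheme. Separately, if the call in the first hunk is `setcookie()`, it still ends after the secure flag, so HttpOnly is left at its default of false; consider appending `, true` so the session cookie is not readable from script. Both enclosing functions continue outside the hunks.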
@ -472,30 +472,6 @@ ENDOFSCRIPT;
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
|
||||||
* Use SSL for Facebook stuff
|
|
||||||
*
|
|
||||||
* @param string $action name
|
|
||||||
* @param boolean $ssl outval to force SSL
|
|
||||||
* @return mixed hook return value
|
|
||||||
*/
|
|
||||||
function onSensitiveAction($action, &$ssl)
|
|
||||||
{
|
|
||||||
$sensitive = array(
|
|
||||||
'facebookadminpanel',
|
|
||||||
'facebooksettings',
|
|
||||||
'facebooklogin',
|
|
||||||
'facebookfinishlogin'
|
|
||||||
);
|
|
||||||
|
|
||||||
if (in_array($action, $sensitive)) {
|
|
||||||
$ssl = true;
|
|
||||||
return false;
|
|
||||||
} else {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If a notice gets deleted, remove the Notice_to_item mapping and
|
* If a notice gets deleted, remove the Notice_to_item mapping and
|
||||||
* delete the item on Facebook
|
* delete the item on Facebook
|
||||||
|
@ -329,29 +329,6 @@ class OpenIDPlugin extends Plugin
|
|||||||
return parent::onAutoload($cls);
|
return parent::onAutoload($cls);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Sensitive actions
|
|
||||||
*
|
|
||||||
* These actions should use https when SSL support is 'sometimes'
|
|
||||||
*
|
|
||||||
* @param Action $action Action to form an URL for
|
|
||||||
* @param boolean &$ssl Whether to mark it for SSL
|
|
||||||
*
|
|
||||||
* @return boolean hook return
|
|
||||||
*/
|
|
||||||
function onSensitiveAction($action, &$ssl)
|
|
||||||
{
|
|
||||||
switch ($action)
|
|
||||||
{
|
|
||||||
case 'finishopenidlogin':
|
|
||||||
case 'finishaddopenid':
|
|
||||||
$ssl = true;
|
|
||||||
return false;
|
|
||||||
default:
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Login actions
|
* Login actions
|
||||||
*
|
*
|
||||||
|
@ -7,7 +7,7 @@ add "addPlugin('strictTransportSecurity');"
|
|||||||
to the bottom of your config.php
|
to the bottom of your config.php
|
||||||
|
|
||||||
The plugin will not do anything unless:
|
The plugin will not do anything unless:
|
||||||
$config['site']['ssl'] is set to 'always'
|
$config['site']['ssl'] is set to something other than 'never'
|
||||||
$config['site']['path'] is either not set, empty, or '/'
|
$config['site']['path'] is either not set, empty, or '/'
|
||||||
|
|
||||||
Settings
|
Settings
|
||||||
|
@ -43,7 +43,7 @@ class StrictTransportSecurityPlugin extends Plugin
|
|||||||
function onArgsInitialize($args)
|
function onArgsInitialize($args)
|
||||||
{
|
{
|
||||||
$path = common_config('site', 'path');
|
$path = common_config('site', 'path');
|
||||||
if(common_config('site', 'ssl') == 'always' && ($path == '/' || ! $path )) {
|
if (GNUsocial::useHTTPS() && ($path == '/' || mb_strlen($path)==0 )) {
|
||||||
header('Strict-Transport-Security: max-age=' . $this->max_age
|
header('Strict-Transport-Security: max-age=' . $this->max_age
|
||||||
. ($this->includeSubDomains ? '; includeSubDomains' : '')
|
. ($this->includeSubDomains ? '; includeSubDomains' : '')
|
||||||
. ($this->preloadToken ? '; preload' : ''));
|
. ($this->preloadToken ? '; preload' : ''));
|
||||||
|
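Review bot: The new condition compares `$path` loosely (`== '/'`, `mb_strlen($path)==0`), and passing a null `site.path` to `mb_strlen()` is deprecated on PHP 8.1+; a strict form is clearer and avoids that: `if (GNUsocial::useHTTPS() && ($path === '/' || (string)$path === '')) {`. The reason for the path restriction is also undocumented — HSTS (RFC 6797) is scoped to the whole host, not to a path, so the header must only be sent when this install owns the host; put that in a comment above the `if`. Note the header is now emitted whenever the site is configured for HTTPS rather than when the current request actually arrived over TLS; browsers ignore HSTS received over plain http, so this is harmless, but a comment saying so would save the next reader a question. The enclosing method continues outside the hunk.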
@ -323,31 +323,6 @@ class TwitterBridgePlugin extends Plugin
|
|||||||
return (bool)$this->adminImportControl;
|
return (bool)$this->adminImportControl;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* When the site is set to ssl=sometimes mode, we should make sure our
|
|
||||||
* various auth-related pages are on SSL to keep things looking happy.
|
|
||||||
* Although we're not submitting passwords directly, we do link out to
|
|
||||||
* an authentication source and it's a lot happier if we've got some
|
|
||||||
* protection against MitM.
|
|
||||||
*
|
|
||||||
* @param string $action name
|
|
||||||
* @param boolean $ssl outval to force SSL
|
|
||||||
* @return mixed hook return value
|
|
||||||
*/
|
|
||||||
function onSensitiveAction($action, &$ssl)
|
|
||||||
{
|
|
||||||
$sensitive = array('twitteradminpanel',
|
|
||||||
'twittersettings',
|
|
||||||
'twitterauthorization',
|
|
||||||
'twitterlogin');
|
|
||||||
if (in_array($action, $sensitive)) {
|
|
||||||
$ssl = true;
|
|
||||||
return false;
|
|
||||||
} else {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Database schema setup
|
* Database schema setup
|
||||||
*
|
*
|
||||||
|
@ -161,7 +161,7 @@ install_cli.php - StatusNet command-line installer
|
|||||||
--sitename User-friendly site name (required)
|
--sitename User-friendly site name (required)
|
||||||
--fancy Whether to use fancy URLs (default no)
|
--fancy Whether to use fancy URLs (default no)
|
||||||
--ssl Server SSL enabled (default never),
|
--ssl Server SSL enabled (default never),
|
||||||
[never | sometimes | always]
|
[never | always]
|
||||||
|
|
||||||
--dbtype 'mysql' (default) or 'pgsql'
|
--dbtype 'mysql' (default) or 'pgsql'
|
||||||
--host Database hostname (required)
|
--host Database hostname (required)
|
||||||
|