From 2b5372aebe3b65befe7d6d80cef62c8810ce237d Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sun, 26 Oct 2014 22:15:12 +0100 Subject: [PATCH] Forcing all non-SSL requests to SSL requests is now an option. --- index.php | 4 ++-- mod/admin.php | 3 +++ view/templates/admin_site.tpl | 1 + 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/index.php b/index.php index 45d15996..5dcb9a54 100644 --- a/index.php +++ b/index.php @@ -53,8 +53,8 @@ if(!$install) { load_config('config'); load_config('system'); - if ((intval(get_config('system','ssl_policy')) == SSL_POLICY_FULL) AND - ($a->get_scheme() == "http") AND + if (get_config('system','force_ssl') AND ($a->get_scheme() == "http") AND + (intval(get_config('system','ssl_policy')) == SSL_POLICY_FULL) AND (substr($a->get_baseurl(), 0, 8) == "https://")) { header("HTTP/1.1 302 Moved Temporarily"); header("location: ".$a->get_baseurl()."/".$a->query_string); diff --git a/mod/admin.php b/mod/admin.php index 99f72020..224a1f8c 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -354,6 +354,7 @@ function admin_page_site_post(&$a){ $ostatus_poll_interval = ((x($_POST,'ostatus_poll_interval')) ? intval(trim($_POST['ostatus_poll_interval'])) : 0); $diaspora_enabled = ((x($_POST,'diaspora_enabled')) ? True : False); $ssl_policy = ((x($_POST,'ssl_policy')) ? intval($_POST['ssl_policy']) : 0); + $force_ssl = ((x($_POST,'force_ssl')) ? True : False); $old_share = ((x($_POST,'old_share')) ? True : False); $hide_help = ((x($_POST,'hide_help')) ? True : False); $suppress_language = ((x($_POST,'suppress_language')) ? True : False); @@ -481,6 +482,7 @@ function admin_page_site_post(&$a){ set_config('system','diaspora_enabled', $diaspora_enabled); set_config('config','private_addons', $private_addons); + set_config('system','force_ssl', $force_ssl); set_config('system','old_share', $old_share); set_config('system','hide_help', $hide_help); set_config('system','use_fulltext_engine', $use_fulltext_engine); @@ -603,6 +605,7 @@ function admin_page_site(&$a) { '$theme' => array('theme', t("System theme"), get_config('system','theme'), t("Default system theme - may be over-ridden by user profiles - change theme settings"), $theme_choices), '$theme_mobile' => array('theme_mobile', t("Mobile system theme"), get_config('system','mobile-theme'), t("Theme for mobile devices"), $theme_choices_mobile), '$ssl_policy' => array('ssl_policy', t("SSL link policy"), (string) intval(get_config('system','ssl_policy')), t("Determines whether generated links should be forced to use SSL"), $ssl_choices), + '$force_ssl' => array('force_ssl', t("Force SSL"), get_config('system','force_ssl'), t("Force all Non-SSL requests to SSL - Attention: on some systems it could lead to endless loops.")), '$old_share' => array('old_share', t("Old style 'Share'"), get_config('system','old_share'), t("Deactivates the bbcode element 'share' for repeating items.")), '$hide_help' => array('hide_help', t("Hide help entry from navigation menu"), get_config('system','hide_help'), t("Hides the menu entry for the Help pages from the navigation menu. You can still access it calling /help directly.")), '$singleuser' => array('singleuser', t("Single user instance"), get_config('system','singleuser'), t("Make this instance multi-user or single-user for the named user"), $user_names), diff --git a/view/templates/admin_site.tpl b/view/templates/admin_site.tpl index 21b0ec01..7237a2f2 100644 --- a/view/templates/admin_site.tpl +++ b/view/templates/admin_site.tpl @@ -51,6 +51,7 @@ {{include file="field_select.tpl" field=$theme}} {{include file="field_select.tpl" field=$theme_mobile}} {{include file="field_select.tpl" field=$ssl_policy}} + {{if $ssl_policy.2 == 1}}{{include file="field_checkbox.tpl" field=$force_ssl}}{{/if}} {{include file="field_checkbox.tpl" field=$old_share}} {{include file="field_checkbox.tpl" field=$hide_help}} {{include file="field_select.tpl" field=$singleuser}}