From f970d9ab4d608d36aca405c11746082156e1e661 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 29 Jan 2011 22:35:11 -0800 Subject: [PATCH] implement SSL redirection policy (none, full, selfsign) --- boot.php | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/boot.php b/boot.php index 223c9416d1..83ceaac280 100644 --- a/boot.php +++ b/boot.php @@ -10,6 +10,16 @@ define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); define ( 'DOWN_ARROW', '⇩' ); + +/** + * SSL redirection policies + */ + +define ( 'SSL_POLICY_NONE', 0 ); +define ( 'SSL_POLICY_FULL', 1 ); +define ( 'SSL_POLICY_SELFSIGN' 2 ); + + /** * log levels */ @@ -273,7 +283,14 @@ class App { if(strlen($this->baseurl)) return $this->baseurl; - $this->baseurl = (($ssl) ? 'https' : $this->scheme) . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); + $scheme = $this->scheme; + + if(($ssl) || ($a->config['ssl_policy'] == SSL_POLICY_FULL)) + $scheme = 'https'; + if(($a->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params'))) + $scheme = 'https'; + + $this->baseurl = ( $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); return $this->baseurl; }