Merge branch '0.9.x' into 1.0.x

[quix0rs-gnu-social.git] / index.php

diff --git a/index.php b/index.php
index 3efe5c8e494a6f5c5bf04e1c4eb5e70b0251542a..c8d4fbee9b0f30a6e44325b2a6508cef02a377f8 100644 (file)
--- a/index.php
+++ b/index.php
@@ -37,6 +37,9 @@
  * @license  GNU Affero General Public License http://www.gnu.org/licenses/
  */
 
+$_startTime = microtime(true);
+$_perfCounters = array();
+
 define('INSTALLDIR', dirname(__FILE__));
 define('STATUSNET', true);
 define('LACONICA', true); // compatibility
@@ -204,7 +207,7 @@ function checkMirror($action_obj, $args)
 
 function isLoginAction($action)
 {
-    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds', 'otp', 'opensearch', 'rsd');
+    static $loginActions =  array('login', 'recoverpassword', 'api', 'doc', 'register', 'publicxrds', 'otp', 'opensearch', 'rsd', 'hostmeta');
 
     $login = null;
 
@@ -219,7 +222,7 @@ function main()
 {
     // fake HTTP redirects using lighttpd's 404 redirects
     if (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) {
-        $_lighty_url = $base_url.$_SERVER['REQUEST_URI'];
+        $_lighty_url = $_SERVER['REQUEST_URI'];
         $_lighty_url = @parse_url($_lighty_url);
 
         if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') {
@@ -283,6 +286,14 @@ function main()
         return;
     }
 
+    $site_ssl = common_config('site', 'ssl');
+
+    // If the request is HTTP and it should be HTTPS...
+    if ($site_ssl != 'never' && !StatusNet::isHTTPS() && common_is_sensitive($args['action'])) {
+        common_redirect(common_local_url($args['action'], $args));
+        return;
+    }
+
     $args = array_merge($args, $_REQUEST);
 
     Event::handle('ArgsInitialize', array(&$args));