From: Mikael Nordfeldth Date: Wed, 10 Feb 2016 00:05:02 +0000 (+0100) Subject: Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it) X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=a61235086bb681a0868973162631417c4ea00f53;p=quix0rs-gnu-social.git Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it) Usage in config.php: $config['site']['sslproxy'] = true; Add this to documentation... --- diff --git a/index.php b/index.php index de57f1078d..ecbfb3eb7b 100644 --- a/index.php +++ b/index.php @@ -266,10 +266,8 @@ function main() $args = $r->map($path); - $site_ssl = common_config('site', 'ssl'); - // If the request is HTTP and it should be HTTPS... - if ($site_ssl != 'never' && !GNUsocial::isHTTPS() && common_is_sensitive($args['action'])) { + if (GNUsocial::useHTTPS() && !GNUsocial::isHTTPS()) { common_redirect(common_local_url($args['action'], $args)); } diff --git a/lib/default.php b/lib/default.php index c17c2e0bf4..dbd3a694c5 100644 --- a/lib/default.php +++ b/lib/default.php @@ -56,6 +56,7 @@ $default = 'inviteonly' => true, 'private' => false, 'ssl' => 'never', + 'sslproxy' => false, // set to true to force GNU social to think it is HTTPS (i.e. using reverse proxy to enable it) 'sslserver' => null, 'dupelimit' => 60, // default for same person saying the same thing 'textlimit' => 1000, // in chars; 0 == no limit diff --git a/lib/gnusocial.php b/lib/gnusocial.php index ed87782c47..277c41e7c8 100644 --- a/lib/gnusocial.php +++ b/lib/gnusocial.php @@ -426,6 +426,10 @@ class GNUsocial static function isHTTPS() { + if (common_config('site', 'sslproxy')) { + return true; + } + // There are some exceptions to this; add them here! if (empty($_SERVER['HTTPS'])) { return false;