From 68e75b462379f11d8c4d12e876ca2fe1e4ad3695 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Fri, 24 Oct 2014 00:52:29 +0200 Subject: [PATCH] Reload a non-ssl-request to a ssl-request. (only when SSL_POLICY_FULL is enabled) --- boot.php | 4 ++++ index.php | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/boot.php b/boot.php index 0d7c6e878f..05be15b7d7 100644 --- a/boot.php +++ b/boot.php @@ -609,6 +609,10 @@ if(! class_exists('App')) { return($basepath); } + function get_scheme() { + return($this->scheme); + } + function get_baseurl($ssl = false) { $scheme = $this->scheme; diff --git a/index.php b/index.php index d628f9ad21..45d1599692 100644 --- a/index.php +++ b/index.php @@ -53,6 +53,13 @@ if(!$install) { load_config('config'); load_config('system'); + if ((intval(get_config('system','ssl_policy')) == SSL_POLICY_FULL) AND + ($a->get_scheme() == "http") AND + (substr($a->get_baseurl(), 0, 8) == "https://")) { + header("HTTP/1.1 302 Moved Temporarily"); + header("location: ".$a->get_baseurl()."/".$a->query_string); + } + require_once("include/session.php"); load_hooks(); call_hooks('init_1'); -- 2.39.5