From ec257d940a3dda9f6db153efc46342a348560192 Mon Sep 17 00:00:00 2001
From: Mikael Nordfeldth <mmn@hethane.se>
Date: Wed, 10 Feb 2016 00:57:39 +0100
Subject: [PATCH] Either use or don't use HTTPS

The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
---
 actions/pathsadminpanel.php                   |  2 --
 classes/Avatar.php                            | 11 +------
 install.php                                   |  2 +-
 lib/installer.php                             |  2 +-
 lib/util.php                                  | 32 ++-----------------
 .../FacebookBridge/FacebookBridgePlugin.php   | 24 --------------
 plugins/OpenID/OpenIDPlugin.php               | 23 -------------
 plugins/StrictTransportSecurity/README        |  2 +-
 .../StrictTransportSecurityPlugin.php         |  2 +-
 plugins/TwitterBridge/TwitterBridgePlugin.php | 25 ---------------
 scripts/install_cli.php                       |  2 +-
 11 files changed, 9 insertions(+), 118 deletions(-)

diff --git a/actions/pathsadminpanel.php b/actions/pathsadminpanel.php
index 57f82e7995..6b11df6f31 100644
--- a/actions/pathsadminpanel.php
+++ b/actions/pathsadminpanel.php
@@ -417,8 +417,6 @@ class PathsAdminPanelForm extends AdminForm
 
         // TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
         $ssl = array('never' => _('Never'),
-                     // TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
-                     'sometimes' => _('Sometimes'),
                       // TRANS: Drop down option in Paths admin panel (option for "When to use SSL").
                      'always' => _('Always'));
 
diff --git a/classes/Avatar.php b/classes/Avatar.php
index 5ce2712dfb..d8cc134b80 100644
--- a/classes/Avatar.php
+++ b/classes/Avatar.php
@@ -187,16 +187,7 @@ class Avatar extends Managed_DataObject
             $server = common_config('site', 'server');
         }
 
-        $ssl = common_config('avatar', 'ssl');
-
-        if (is_null($ssl)) { // null -> guess
-            if (common_config('site', 'ssl') == 'always' &&
-                !common_config('avatar', 'server')) {
-                $ssl = true;
-            } else {
-                $ssl = false;
-            }
-        }
+        $ssl = (common_config('avatar', 'ssl') || GNUsocial::useHTTPS());
 
         $protocol = ($ssl) ? 'https' : 'http';
 
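Review bot: The new `$ssl = (common_config('avatar', 'ssl') || GNUsocial::useHTTPS());` line no longer honours an explicit `$config['avatar']['ssl'] = false`, and it drops the old check on `common_config('avatar', 'server')`. Previously the guess fell back to `http` when a separate avatar server was configured; now that host gets `https` URLs whenever the site uses HTTPS. That fits the commit's goal of avoiding mixed content, but an avatar host without a valid certificate will start serving broken images after the upgrade. A comment above the line would record the intent, e.g. `// Site-wide HTTPS overrides avatar/ssl; a separate avatar server must serve valid TLS.` The enclosing method starts and ends outside this hunk.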
diff --git a/install.php b/install.php
index 2752c96767..716e1c370a 100644
--- a/install.php
+++ b/install.php
@@ -350,7 +350,7 @@ STR;
             $fail = true;
         }
 
-        if (!in_array($this->ssl, array('never', 'sometimes', 'always'))) {
+        if (!in_array($this->ssl, array('never', 'always'))) {
             $this->updateStatus("Bad value for server SSL enabling.");
             $fail = true;
         }
diff --git a/lib/installer.php b/lib/installer.php
index 650845f0f0..d2fda92560 100644
--- a/lib/installer.php
+++ b/lib/installer.php
@@ -405,7 +405,7 @@ abstract class Installer
             'sitename' => $this->sitename,
             'server' => $this->server,
             'path' => $this->path,
-            'ssl' => in_array($this->ssl, array('never', 'sometimes', 'always'))
+            'ssl' => in_array($this->ssl, array('never', 'always'))
                      ? $this->ssl
                      : 'never',
             'db_database' => $this->db['database'],
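Review bot: An unrecognised `$this->ssl` value, which now includes the previously valid 'sometimes', is silently written to the config as `'never'` by the ternary on the `'ssl' =>` entry. A scripted install that still passes the old value could therefore end up HTTP-only without any message. install.php rejects bad values before this point, but whether every caller of the Installer class does so is not visible here. Failing loudly, or mapping the legacy value to 'always' before this array is built, would avoid an unnoticed downgrade. A strict comparison would also be safer: `in_array($this->ssl, array('never', 'always'), true)`. The enclosing method starts and ends outside this hunk.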
diff --git a/lib/util.php b/lib/util.php
index 98d8ac220b..6a5c310193 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -354,7 +354,7 @@ function common_set_cookie($key, $value, $expiration=0)
                      $expiration,
                      $cookiepath,
                      $server,
-                     common_config('site', 'ssl')=='always');
+                     GNUsocial::useHTTPS());
 }
 
 define('REMEMBERME', 'rememberme');
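Review bot: The cookie call that this hunk touches still ends at the secure argument, so cookies set through common_set_cookie() are not marked HttpOnly. Assuming the call is PHP's setcookie() (its opening is outside the hunk) and no client-side script needs to read these cookies, the seventh argument can be added in the same change: `GNUsocial::useHTTPS(), true);`. This matters most for the long-lived cookie named by the `REMEMBERME` constant defined just below. If some cookie must stay script-readable, say so in a comment on the call instead.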
@@ -1345,9 +1345,7 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
         $r = Router::get();
         $path = $r->build($action, $args, $params, $fragment);
 
-        $ssl = common_config('site', 'ssl') === 'always'
-                || GNUsocial::isHTTPS()
-                || common_is_sensitive($action);
+        $ssl = GNUsocial::useHTTPS();
 
         if (common_config('site','fancy')) {
             $url = common_path($path, $ssl, $addSession);
@@ -1363,35 +1361,11 @@ function common_local_url($action, $args=null, $params=null, $fragment=null, $ad
     return $url;
 }
 
-function common_is_sensitive($action)
-{
-    static $sensitive = array(
-        'login',
-        'register',
-        'passwordsettings',
-        'api',
-        'ApiOAuthRequestToken',
-        'ApiOAuthAccessToken',
-        'ApiOAuthAuthorize',
-        'ApiOAuthPin',
-        'showapplication'
-    );
-    $ssl = null;
-
-    if (Event::handle('SensitiveAction', array($action, &$ssl))) {
-        $ssl = in_array($action, $sensitive);
-    }
-
-    return $ssl;
-}
-
 function common_path($relative, $ssl=false, $addSession=true)
 {
     $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
 
-    if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
-        || GNUsocial::isHTTPS()
-        || common_config('site', 'ssl') === 'always') {
+    if ($ssl && GNUsocial::useHTTPS()) {
         $proto = 'https';
         if (is_string(common_config('site', 'sslserver')) &&
             mb_strlen(common_config('site', 'sslserver')) > 0) {
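Review bot: With the new condition `if ($ssl && GNUsocial::useHTTPS()) {` in common_path(), a caller that relies on the default `$ssl=false` now gets an `http` URL even on a site configured for HTTPS. The removed condition returned `https` for `ssl === 'always'` regardless of the argument. Callers are not visible in this hunk, so the impact is inferred, but any such URL would reintroduce the mixed HTTP/HTTPS links the commit sets out to remove. Consider letting the site setting decide, e.g. `if (GNUsocial::useHTTPS()) {`, or defaulting the parameter to `null` and treating only an explicit `false` as an opt-out. The body of common_path() continues past the end of the hunk.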
diff --git a/plugins/FacebookBridge/FacebookBridgePlugin.php b/plugins/FacebookBridge/FacebookBridgePlugin.php
index a19cc0349b..88dc4df496 100644
--- a/plugins/FacebookBridge/FacebookBridgePlugin.php
+++ b/plugins/FacebookBridge/FacebookBridgePlugin.php
@@ -472,30 +472,6 @@ ENDOFSCRIPT;
         return true;
     }
 
-    /*
-     * Use SSL for Facebook stuff
-     *
-     * @param string $action name
-     * @param boolean $ssl outval to force SSL
-     * @return mixed hook return value
-     */
-    function onSensitiveAction($action, &$ssl)
-    {
-        $sensitive = array(
-            'facebookadminpanel',
-            'facebooksettings',
-            'facebooklogin',
-            'facebookfinishlogin'
-        );
-
-        if (in_array($action, $sensitive)) {
-            $ssl = true;
-            return false;
-        } else {
-            return true;
-        }
-    }
-
     /**
      * If a notice gets deleted, remove the Notice_to_item mapping and
      * delete the item on Facebook
diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php
index 4e5a0bfe0c..c6f2d75a2b 100644
--- a/plugins/OpenID/OpenIDPlugin.php
+++ b/plugins/OpenID/OpenIDPlugin.php
@@ -329,29 +329,6 @@ class OpenIDPlugin extends Plugin
         return parent::onAutoload($cls);
     }
 
-    /**
-     * Sensitive actions
-     *
-     * These actions should use https when SSL support is 'sometimes'
-     *
-     * @param Action  $action Action to form an URL for
-     * @param boolean &$ssl   Whether to mark it for SSL
-     *
-     * @return boolean hook return
-     */
-    function onSensitiveAction($action, &$ssl)
-    {
-        switch ($action)
-        {
-        case 'finishopenidlogin':
-        case 'finishaddopenid':
-            $ssl = true;
-            return false;
-        default:
-            return true;
-        }
-    }
-
     /**
      * Login actions
      *
diff --git a/plugins/StrictTransportSecurity/README b/plugins/StrictTransportSecurity/README
index 66f03e95ea..73c1d5a7da 100644
--- a/plugins/StrictTransportSecurity/README
+++ b/plugins/StrictTransportSecurity/README
@@ -7,7 +7,7 @@ add "addPlugin('strictTransportSecurity');"
 to the bottom of your config.php
 
 The plugin will not do anything unless:
-$config['site']['ssl'] is set to 'always'
+$config['site']['ssl'] is set to something other than 'never'
 $config['site']['path'] is either not set, empty, or '/'
 
 Settings
diff --git a/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php b/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php
index 74a643d6d9..67cb665018 100644
--- a/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php
+++ b/plugins/StrictTransportSecurity/StrictTransportSecurityPlugin.php
@@ -43,7 +43,7 @@ class StrictTransportSecurityPlugin extends Plugin
     function onArgsInitialize($args)
     {
         $path = common_config('site', 'path');
-        if(common_config('site', 'ssl') == 'always' && ($path == '/' || ! $path )) {
+        if (GNUsocial::useHTTPS() && ($path == '/' || mb_strlen($path)==0 )) {
             header('Strict-Transport-Security: max-age=' . $this->max_age
                     . ($this->includeSubDomains ? '; includeSubDomains' : '')
                     . ($this->preloadToken ? '; preload' : ''));
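Review bot: The guard on the `header('Strict-Transport-Security: ...')` call now follows GNUsocial::useHTTPS() instead of `ssl == 'always'`, and the README in this commit describes that as any value other than 'never'. A site still carrying the legacy 'sometimes' setting would therefore presumably start sending HSTS after upgrading. Browsers cache the policy for `max_age` seconds, and for subdomains when `includeSubDomains` is set, so a comment above the condition would help, e.g. `// HSTS is cached by browsers: enable only once every page (and subdomain, if includeSubDomains) is served over valid TLS.` Separately, `mb_strlen($path)==0` receives the raw config value, which may be null when the path is unset; `mb_strlen((string) $path) === 0` makes that explicit. onArgsInitialize() continues outside the hunk.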
diff --git a/plugins/TwitterBridge/TwitterBridgePlugin.php b/plugins/TwitterBridge/TwitterBridgePlugin.php
index 72c28d4fa4..623e2b51d8 100644
--- a/plugins/TwitterBridge/TwitterBridgePlugin.php
+++ b/plugins/TwitterBridge/TwitterBridgePlugin.php
@@ -323,31 +323,6 @@ class TwitterBridgePlugin extends Plugin
         return (bool)$this->adminImportControl;
     }
 
-    /**
-     * When the site is set to ssl=sometimes mode, we should make sure our
-     * various auth-related pages are on SSL to keep things looking happy.
-     * Although we're not submitting passwords directly, we do link out to
-     * an authentication source and it's a lot happier if we've got some
-     * protection against MitM.
-     *
-     * @param string $action name
-     * @param boolean $ssl outval to force SSL
-     * @return mixed hook return value
-     */
-    function onSensitiveAction($action, &$ssl)
-    {
-        $sensitive = array('twitteradminpanel',
-                           'twittersettings',
-                           'twitterauthorization',
-                           'twitterlogin');
-        if (in_array($action, $sensitive)) {
-            $ssl = true;
-            return false;
-        } else {
-            return true;
-        }
-    }
-
     /**
      * Database schema setup
      *
diff --git a/scripts/install_cli.php b/scripts/install_cli.php
index ac3fe3e657..815418aaab 100755
--- a/scripts/install_cli.php
+++ b/scripts/install_cli.php
@@ -161,7 +161,7 @@ install_cli.php - StatusNet command-line installer
        --sitename        User-friendly site name (required)
        --fancy           Whether to use fancy URLs (default no)
        --ssl             Server SSL enabled (default never), 
-                         [never | sometimes | always]
+                         [never | always]
 
        --dbtype          'mysql' (default) or 'pgsql'
        --host            Database hostname (required)
-- 
2.39.5