Add option to enforce https connections
| | |
| | | CHANGELOG RoundCube Webmail |
| | | =========================== |
| | | |
| | | - Added config option to enforce HTTPS connections |
| | | - Fix non-unicode characters caching in unicode database (#1484608) |
| | | - Performance improvements of messages caching |
| | | - Fix empty Date header issue (#1485923) |
| | |
| | | // possible units: s, m, h, d, w |
| | | $rcmail_config['message_cache_lifetime'] = '10d'; |
| | | |
| | | // enforce connections over https |
| | | // with this option enabled, all non-secure connections will be redirected |
| | | $rcmail_config['force_https'] = FALSE; |
| | | |
| | | // automatically create a new RoundCube user when log-in the first time. |
| | | // a new user will be created once the IMAP login succeeds. |
| | | // set to false if only registered users can use this service |
| | |
| | | /* |
| | | +-------------------------------------------------------------------------+ |
| | | | RoundCube Webmail IMAP Client | |
| | | | Version 0.3-20090419 | |
| | | | Version 0.3-20090702 | |
| | | | | |
| | | | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland | |
| | | | | |
| | |
| | | raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE); |
| | | } |
| | | |
| | | // check if https is required (for login) and redirect if necessary |
| | | if ($RCMAIL->config->get('force_https', false) && empty($_SESSION['user_id']) && !(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == 443)) { |
| | | header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); |
| | | exit; |
| | | } |
| | | |
| | | // trigger startup plugin hook |
| | | $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action)); |