From 65c0a0e591d917e87d54f499f9b25da522746aed Mon Sep 17 00:00:00 2001 From: alecpl <alec@alec.pl> Date: Tue, 13 Oct 2009 04:40:21 -0400 Subject: [PATCH] - Option 'force_https' replaced by 'force_https' plugin - added option 'force_https_port' in 'force_https' plugin (#1486091) --- CHANGELOG | 2 ++ index.php | 9 --------- plugins/force_https/force_https.php | 38 ++++++++++++++++++++++++++++++++++++++ config/main.inc.php.dist | 4 ---- 4 files changed, 40 insertions(+), 13 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 2a38745..b4a4670 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,6 +1,8 @@ CHANGELOG RoundCube Webmail =========================== +- added option 'force_https_port' in 'force_https' plugin (#1486091) +- Option 'force_https' replaced by 'force_https' plugin - Fix IE issue with non-UTF-8 characters in AJAX response (#1486159) - Partially fixed "empty body" issue by showing raw body of malformed message (#1486166) - Fix importing/sending to email address with whitespace (#1486214) diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist index 597ae23..e184078 100644 --- a/config/main.inc.php.dist +++ b/config/main.inc.php.dist @@ -49,10 +49,6 @@ // possible units: s, m, h, d, w $rcmail_config['message_cache_lifetime'] = '10d'; -// enforce connections over https -// with this option enabled, all non-secure connections will be redirected -$rcmail_config['force_https'] = FALSE; - // automatically create a new RoundCube user when log-in the first time. // a new user will be created once the IMAP login succeeds. // set to false if only registered users can use this service diff --git a/index.php b/index.php index fc5926d..9e32fc7 100644 --- a/index.php +++ b/index.php 
@@ -63,18 +63,10 @@ raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE); } -// check if https is required (for login) and redirect if necessary -if ($RCMAIL->config->get('force_https', false) && empty($_SESSION['user_id']) - && !(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == 443 || $RCMAIL->config->get('use_https'))) { - header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']); - exit; -} - // trigger startup plugin hook $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action)); $RCMAIL->set_task($startup['task']); $RCMAIL->action = $startup['action']; - // try to log in if ($RCMAIL->action=='login' && $RCMAIL->task=='mail') { @@ -160,7 +152,6 @@ $OUTPUT->show_message('invalidrequest', 'error'); $OUTPUT->send($RCMAIL->task); } - // not logged in -> show login page if (empty($RCMAIL->user->ID)) { diff --git a/plugins/force_https/force_https.php b/plugins/force_https/force_https.php new file mode 100644 index 0000000..6755257 --- /dev/null +++ b/plugins/force_https/force_https.php @@ -0,0 +1,38 @@ +<?php + +/** + * Enforce secure HTTPs connection for login + * + * Configuration: + * // Port for https connection + * $rcmail_config['force_https_port'] = 443; + * + * @version 1.0 + * @author Aleksander 'A.L.E.C' Machniak <alec@alec.pl> + */ +class force_https extends rcube_plugin +{ + function init() + { + $this->add_hook('startup', array($this, 'redirect')); + } + + function redirect($args) + { + $config = rcmail::get_instance()->config; + + $port = (int) $config->get('force_https_port', 443); + + // check if https is required (for login) and redirect if necessary + if (empty($_SESSION['user_id']) && !$config->get('use_https') + && (!isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] != $port)) + { + header('Location: https://' . $_SERVER['HTTP_HOST'] . ($port != 443 ? ":$port" : '') . $_SERVER['REQUEST_URI']); + exit; + } + + return $args; + } +} + +?> -- Gitblit v1.9.1
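Review bot: In `force_https::redirect()` the `Location` value is built from the client-supplied `$_SERVER['HTTP_HOST']`, which may already carry a port. A request to `host:8080` is redirected to `https://host:8080:8443/...` when `force_https_port` is 8443, and to `https://host:8080/...` with the default 443, which is not the TLS listener. Strip any port before composing the URL, e.g. `$host = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);`, and use `$host` in the `header()` call. The guard only fires when `empty($_SESSION['user_id'])`, so a plain-HTTP request from an already logged-in user is not redirected; the docblock should state that the session cookie must be marked secure elsewhere for the enforcement to hold after login. Since the core check in index.php and the `force_https` config option are removed in the same commit, an installation that had `force_https` enabled presumably stops redirecting until the plugin is explicitly activated, which the CHANGELOG entry should say outright.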