Minor updates to SSL behavior

This commit is contained in:
calzoneman 2015-03-29 11:34:27 -05:00
parent 9541b40f68
commit 813ae3a2ef
4 changed files with 10 additions and 5 deletions

View file

@ -80,6 +80,10 @@ https:
certfile: 'localhost.cert' certfile: 'localhost.cert'
cafile: '' cafile: ''
ciphers: 'HIGH:!DSS:!aNULL@STRENGTH' ciphers: 'HIGH:!DSS:!aNULL@STRENGTH'
# Allow certain account pages to redirect to HTTPS if HTTPS is enabled.
# You may want to set this to false if you are reverse proxying HTTPS to a
# non-HTTPS address.
redirect: true
# Page template values # Page template values
# title goes in the upper left corner, description goes in a <meta> tag # title goes in the upper left corner, description goes in a <meta> tag

View file

@ -44,7 +44,8 @@ var defaults = {
passphrase: "", passphrase: "",
certfile: "localhost.cert", certfile: "localhost.cert",
cafile: "", cafile: "",
ciphers: "HIGH:!DSS:!aNULL@STRENGTH" ciphers: "HIGH:!DSS:!aNULL@STRENGTH",
redirect: true
}, },
io: { io: {
domain: "http://localhost", domain: "http://localhost",

View file

@ -46,7 +46,7 @@ function ipForRequest(req) {
* Redirects a request to HTTPS if the server supports it * Redirects a request to HTTPS if the server supports it
*/ */
function redirectHttps(req, res) { function redirectHttps(req, res) {
if (!req.secure && Config.get("https.enabled")) { if (!req.secure && Config.get("https.enabled") && Config.get("https.redirect")) {
var ssldomain = Config.get("https.full-address"); var ssldomain = Config.get("https.full-address");
if (ssldomain.indexOf(req.hostname) < 0) { if (ssldomain.indexOf(req.hostname) < 0) {
return false; return false;

View file

@ -29,8 +29,8 @@ mixin navdefaultlinks(page)
if loggedIn if loggedIn
li: a(href="/logout?dest=#{encodeURIComponent(baseUrl + page)}&_csrf=#{csrfToken}") Logout li: a(href="/logout?dest=#{encodeURIComponent(baseUrl + page)}&_csrf=#{csrfToken}") Logout
li.divider li.divider
li: a(href="/account/channels") Channels li: a(href="#{loginDomain}/account/channels") Channels
li: a(href="/account/profile") Profile li: a(href="#{loginDomain}/account/profile") Profile
li: a(href="#{loginDomain}/account/edit") Change Password/Email li: a(href="#{loginDomain}/account/edit") Change Password/Email
else else
li: a(href="#{loginDomain}/login?dest=#{encodeURIComponent(baseUrl + page)}") Login li: a(href="#{loginDomain}/login?dest=#{encodeURIComponent(baseUrl + page)}") Login