Minor updates to SSL behavior
This commit is contained in:
parent
9541b40f68
commit
813ae3a2ef
|
@ -80,6 +80,10 @@ https:
|
|||
certfile: 'localhost.cert'
|
||||
cafile: ''
|
||||
ciphers: 'HIGH:!DSS:!aNULL@STRENGTH'
|
||||
# Allow certain account pages to redirect to HTTPS if HTTPS is enabled.
|
||||
# You may want to set this to false if you are reverse proxying HTTPS to a
|
||||
# non-HTTPS address.
|
||||
redirect: true
|
||||
|
||||
# Page template values
|
||||
# title goes in the upper left corner, description goes in a <meta> tag
|
||||
|
|
|
@ -44,7 +44,8 @@ var defaults = {
|
|||
passphrase: "",
|
||||
certfile: "localhost.cert",
|
||||
cafile: "",
|
||||
ciphers: "HIGH:!DSS:!aNULL@STRENGTH"
|
||||
ciphers: "HIGH:!DSS:!aNULL@STRENGTH",
|
||||
redirect: true
|
||||
},
|
||||
io: {
|
||||
domain: "http://localhost",
|
||||
|
|
|
@ -46,7 +46,7 @@ function ipForRequest(req) {
|
|||
* Redirects a request to HTTPS if the server supports it
|
||||
*/
|
||||
function redirectHttps(req, res) {
|
||||
if (!req.secure && Config.get("https.enabled")) {
|
||||
if (!req.secure && Config.get("https.enabled") && Config.get("https.redirect")) {
|
||||
var ssldomain = Config.get("https.full-address");
|
||||
if (ssldomain.indexOf(req.hostname) < 0) {
|
||||
return false;
|
||||
|
|
|
@ -29,8 +29,8 @@ mixin navdefaultlinks(page)
|
|||
if loggedIn
|
||||
li: a(href="/logout?dest=#{encodeURIComponent(baseUrl + page)}&_csrf=#{csrfToken}") Logout
|
||||
li.divider
|
||||
li: a(href="/account/channels") Channels
|
||||
li: a(href="/account/profile") Profile
|
||||
li: a(href="#{loginDomain}/account/channels") Channels
|
||||
li: a(href="#{loginDomain}/account/profile") Profile
|
||||
li: a(href="#{loginDomain}/account/edit") Change Password/Email
|
||||
else
|
||||
li: a(href="#{loginDomain}/login?dest=#{encodeURIComponent(baseUrl + page)}") Login
|
||||
|
|
Loading…
Reference in a new issue