diff options
author | csteipp <csteipp@wikimedia.org> | 2012-10-01 08:52:55 -0700 |
---|---|---|
committer | csteipp <csteipp@wikimedia.org> | 2012-10-01 12:50:11 -0700 |
commit | fe6eb8dca2c2d5f2b0121f1c0fd38576fa69b2b3 (patch) | |
tree | 89f71b630f69e7b11bfb26b8b4c586c5d2ca0531 | |
parent | df4fe53e76dddf76f09deac95b451ed62946c41d (diff) |
Make $wgServer proto-relative if $wgSecureLogin is setorigin/sandbox/CSteipp/secureredir
If $wgServer includes the http:// protocol, which is often used to
indicate that SSL is not available, but $wgSecureLogin is set to true,
assume the more secure option, and make $wgServer protocol-relative.
Change-Id: Id8bcc0956c95c513efc6a002c1267712269659c7
-rw-r--r-- | includes/Setup.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/includes/Setup.php b/includes/Setup.php index 5c5d7d141f04..f6c70e4f3514 100644 --- a/includes/Setup.php +++ b/includes/Setup.php @@ -402,6 +402,12 @@ if ( $wgTmpDirectory === false ) { $wgTmpDirectory = wfTempDir(); } +// $wgServer starting with http:// indicates no SSL, but $wgSecureLogin indicates to use +// SSL. Prefer the more secure option, and set $wgServer to be protocol-relative +if ( $wgSecureLogin === true && substr( $wgServer, 0, 7 ) === 'http://' ) { + $wgServer = substr( $wgServer, 5 ); +} + if ( $wgCanonicalServer === false ) { $wgCanonicalServer = wfExpandUrl( $wgServer, PROTO_HTTP ); } |