From 7799a762ca2dfbd022f7f8425fc207c8211e3ef7 Mon Sep 17 00:00:00 2001
From: paul <paul@plutz.net>
Date: Sun, 30 Oct 2011 16:24:26 +0000
Subject: [PATCH] enforce ssl for login sessions

svn path=/trunk/; revision=17
---
 .htaccess          | 4 ++++
 login.cgi          | 2 +-
 write/.htaccess    | 4 ++++
 write/wikiedit.cgi | 2 +-
 write/wikimeta.cgi | 6 +++---
 5 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/.htaccess b/.htaccess
index 615ac51..021a64f 100644
--- a/.htaccess
+++ b/.htaccess
@@ -3,6 +3,10 @@ AddHandler cgi-script .cgi
 DirectoryIndex index.cgi
 
 <Files session.cgi>
+  RewriteEngine	On
+  RewriteCond	%{SERVER_PORT}	80
+  RewriteRule	^.*(session.cgi.*)$	https://%{SERVER_NAME}/$1
+
   AuthType Basic
   AuthName "Busy Login"
   AuthUserFile /sites/busy.plutz.net/http/auth/htpasswd
diff --git a/login.cgi b/login.cgi
index 48d4ca4..856b0c0 100755
--- a/login.cgi
+++ b/login.cgi
@@ -27,4 +27,4 @@ if [ -n "${CONTENT_LENGTH}" -a "${CONTENT_LENGTH}" -gt 0 ]; then
 done
 fi
 
-echo -n "Location: http://${user}:${pass}@${HTTP_HOST}/session.cgi?${QUERY_STRING}\n\n"
+echo -n "Location: https://${user}:${pass}@${HTTP_HOST}/session.cgi?${QUERY_STRING}\n\n"
diff --git a/write/.htaccess b/write/.htaccess
index 2d2dfbf..02be183 100644
--- a/write/.htaccess
+++ b/write/.htaccess
@@ -2,6 +2,10 @@ Options +ExecCGI
 AddHandler cgi-script .cgi
 DirectoryIndex index.cgi
 
+RewriteEngine On
+RewriteCond   %{SERVER_PORT}  80
+RewriteRule   ^.*(/write/.*)$     https://%{SERVER_NAME}/$1
+
 AuthType Basic
 AuthName "Kinoserver Login"
 AuthUserFile /sites/kinob.plutz.net/http/.htpasswd
diff --git a/write/wikiedit.cgi b/write/wikiedit.cgi
index 29e312b..2ce87e2 100755
--- a/write/wikiedit.cgi
+++ b/write/wikiedit.cgi
@@ -32,4 +32,4 @@ fi
 [ -z "$cancel" -a -f "../Wiki/$info" ] && mv "../Wiki/$info" "../Wiki/$info.$(date +%s)"
 [ -z "$cancel" ] && echo -e "${page}" >"../Wiki/$info"
 
-echo -n "Location: http://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
+echo -n "Location: https://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
diff --git a/write/wikimeta.cgi b/write/wikimeta.cgi
index 71ece53..fe234ae 100755
--- a/write/wikimeta.cgi
+++ b/write/wikimeta.cgi
@@ -45,12 +45,12 @@ if [ -z "$cancel" -a -n "$comment" ]; then
   touch "../Wiki/$info"
   echo -e "author=${REMOTE_USER}" > "$commfile"
   echo -e "${comment}" >> "$commfile"
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
 elif [ -z "$cancel" -a -n "$description" ]; then
   touch "../Wiki/$info"
   echo -e "title=${title}" > "$descfile"
   echo -e "description=${description}" >> "$descfile"
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
 elif [ -n "$cancel" ]; then
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
 fi
-- 
2.39.2