enforce ssl for login sessions

svn path=/trunk/; revision=17

diff --git a/.htaccess b/.htaccess
index 615ac51842a7f09fc83514f25e917ac3a6a8f341..021a64f3bdf849db0ef38574db37f0454256ca91 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -3,6 +3,10 @@ AddHandler cgi-script .cgi
 DirectoryIndex index.cgi
 
 <Files session.cgi>
+  RewriteEngine        On
+  RewriteCond  %{SERVER_PORT}  80
+  RewriteRule  ^.*(session.cgi.*)$     https://%{SERVER_NAME}/$1
+
   AuthType Basic
   AuthName "Busy Login"
   AuthUserFile /sites/busy.plutz.net/http/auth/htpasswd

diff --git a/login.cgi b/login.cgi
index 48d4ca4f364a64227ac638b9a878f222512df881..856b0c041070453d803377a090dfb22acc8a8c77 100755 (executable)
--- a/login.cgi
+++ b/login.cgi
@@ -27,4 +27,4 @@ if [ -n "${CONTENT_LENGTH}" -a "${CONTENT_LENGTH}" -gt 0 ]; then
 done
 fi
 
-echo -n "Location: http://${user}:${pass}@${HTTP_HOST}/session.cgi?${QUERY_STRING}\n\n"
+echo -n "Location: https://${user}:${pass}@${HTTP_HOST}/session.cgi?${QUERY_STRING}\n\n"

diff --git a/write/.htaccess b/write/.htaccess
index 2d2dfbf73e8c7aa3228573136942373affd61643..02be1832235e1cda3fc86850b6bf0f0e53c8ad31 100644 (file)
--- a/write/.htaccess
+++ b/write/.htaccess
@@ -2,6 +2,10 @@ Options +ExecCGI
 AddHandler cgi-script .cgi
 DirectoryIndex index.cgi
 
+RewriteEngine On
+RewriteCond   %{SERVER_PORT}  80
+RewriteRule   ^.*(/write/.*)$     https://%{SERVER_NAME}/$1
+
 AuthType Basic
 AuthName "Kinoserver Login"
 AuthUserFile /sites/kinob.plutz.net/http/.htpasswd

diff --git a/write/wikiedit.cgi b/write/wikiedit.cgi
index 29e312bd75cbc4f170ec51f8f56f555f0205833c..2ce87e2fc2ad0ebc501cb03d630a7b3a608b01cf 100755 (executable)
--- a/write/wikiedit.cgi
+++ b/write/wikiedit.cgi
@@ -32,4 +32,4 @@ fi
 [ -z "$cancel" -a -f "../Wiki/$info" ] && mv "../Wiki/$info" "../Wiki/$info.$(date +%s)"
 [ -z "$cancel" ] && echo -e "${page}" >"../Wiki/$info"
 
-echo -n "Location: http://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
+echo -n "Location: https://${HTTP_HOST}/?p=Wiki&i=$info\n\n"

diff --git a/write/wikimeta.cgi b/write/wikimeta.cgi
index 71ece533f51007cd63ae1347e063c5a30eb57234..fe234aee772299a229bdde77c35fd2d122a33558 100755 (executable)
--- a/write/wikimeta.cgi
+++ b/write/wikimeta.cgi
@@ -45,12 +45,12 @@ if [ -z "$cancel" -a -n "$comment" ]; then
   touch "../Wiki/$info"
   echo -e "author=${REMOTE_USER}" > "$commfile"
   echo -e "${comment}" >> "$commfile"
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki&i=$info\n\n"
 elif [ -z "$cancel" -a -n "$description" ]; then
   touch "../Wiki/$info"
   echo -e "title=${title}" > "$descfile"
   echo -e "description=${description}" >> "$descfile"
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
 elif [ -n "$cancel" ]; then
-  echo -n "Location: http://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
+  echo -n "Location: https://${HTTP_HOST}/?p=Wiki#$anchor\n\n"
 fi