mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-23 22:10:55 +01:00
Lock "security.require-https" from web edits
Summary: This can be used to lock yourself out of an instance, so prevent web edits. Test Plan: Loaded page, wasn't web-editable. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Differential Revision: https://secure.phabricator.com/D8572
This commit is contained in:
parent
3d639f5f98
commit
221222ad7a
1 changed files with 5 additions and 6 deletions
|
@ -52,8 +52,9 @@ final class PhabricatorSecurityConfigOptions
|
||||||
"want (to any other string), but doing so will break existing ".
|
"want (to any other string), but doing so will break existing ".
|
||||||
"sessions and CSRF tokens.")),
|
"sessions and CSRF tokens.")),
|
||||||
$this->newOption('security.require-https', 'bool', false)
|
$this->newOption('security.require-https', 'bool', false)
|
||||||
|
->setLocked(true)
|
||||||
->setSummary(
|
->setSummary(
|
||||||
pht("Force users to connect via https instead of http."))
|
pht("Force users to connect via HTTPS instead of HTTP."))
|
||||||
->setDescription(
|
->setDescription(
|
||||||
pht(
|
pht(
|
||||||
"If the web server responds to both HTTP and HTTPS requests but ".
|
"If the web server responds to both HTTP and HTTPS requests but ".
|
||||||
|
@ -67,15 +68,13 @@ final class PhabricatorSecurityConfigOptions
|
||||||
"balancer which terminates HTTPS connections and you can not ".
|
"balancer which terminates HTTPS connections and you can not ".
|
||||||
"reasonably configure more granular behavior there.\n\n".
|
"reasonably configure more granular behavior there.\n\n".
|
||||||
|
|
||||||
"NOTE: Phabricator determines if a request is HTTPS or not by ".
|
"IMPORTANT: Phabricator determines if a request is HTTPS or not ".
|
||||||
"examining the PHP \$_SERVER['HTTPS'] variable. If you run ".
|
"by examining the PHP \$_SERVER['HTTPS'] variable. If you run ".
|
||||||
"Apache/mod_php this will probably be set correctly for you ".
|
"Apache/mod_php this will probably be set correctly for you ".
|
||||||
"automatically, but if you run Phabricator as CGI/FCGI (e.g., ".
|
"automatically, but if you run Phabricator as CGI/FCGI (e.g., ".
|
||||||
"through nginx or lighttpd), you need to configure your web ".
|
"through nginx or lighttpd), you need to configure your web ".
|
||||||
"server so that it passes the value correctly based on the ".
|
"server so that it passes the value correctly based on the ".
|
||||||
"connection type. Alternatively, you can add a PHP snippet to ".
|
"connection type."))
|
||||||
"the top of this configuration file to directly set ".
|
|
||||||
"\$_SERVER['HTTPS'] to the correct value."))
|
|
||||||
->setBoolOptions(
|
->setBoolOptions(
|
||||||
array(
|
array(
|
||||||
pht('Force HTTPS'),
|
pht('Force HTTPS'),
|
||||||
|
|
Loading…
Reference in a new issue