revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-19 12:00:55 +01:00
Code Issues Releases Wiki Activity

Lock "security.require-https" from web edits

Browse source 
Summary: This can be used to lock yourself out of an instance, so prevent web edits.

Test Plan: Loaded page, wasn't web-editable.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8572
This commit is contained in:
epriestley 2014-03-19 19:27:04 -07:00
parent 3d639f5f98
commit 221222ad7a
1 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
src/applications/config/option/PhabricatorSecurityConfigOptions.php
View file

@ -52,8 +52,9 @@ final class PhabricatorSecurityConfigOptions
"want (to any other string), but doing so will break existing ". "want (to any other string), but doing so will break existing ".
"sessions and CSRF tokens.")), "sessions and CSRF tokens.")),
$this->newOption('security.require-https', 'bool', false) $this->newOption('security.require-https', 'bool', false)
->setLocked(true)
->setSummary( ->setSummary(
pht("Force users to connect via https instead of http.")) pht("Force users to connect via HTTPS instead of HTTP."))
->setDescription( ->setDescription(
pht( pht(
"If the web server responds to both HTTP and HTTPS requests but ". "If the web server responds to both HTTP and HTTPS requests but ".
@ -67,15 +68,13 @@ final class PhabricatorSecurityConfigOptions
"balancer which terminates HTTPS connections and you can not ". "balancer which terminates HTTPS connections and you can not ".
"reasonably configure more granular behavior there.\n\n". "reasonably configure more granular behavior there.\n\n".
"NOTE: Phabricator determines if a request is HTTPS or not by ". "IMPORTANT: Phabricator determines if a request is HTTPS or not ".
"examining the PHP \$_SERVER['HTTPS'] variable. If you run ". "by examining the PHP \$_SERVER['HTTPS'] variable. If you run ".
"Apache/mod_php this will probably be set correctly for you ". "Apache/mod_php this will probably be set correctly for you ".
"automatically, but if you run Phabricator as CGI/FCGI (e.g., ". "automatically, but if you run Phabricator as CGI/FCGI (e.g., ".
"through nginx or lighttpd), you need to configure your web ". "through nginx or lighttpd), you need to configure your web ".
"server so that it passes the value correctly based on the ". "server so that it passes the value correctly based on the ".
"connection type. Alternatively, you can add a PHP snippet to ". "connection type."))
"the top of this configuration file to directly set ".
"\$_SERVER['HTTPS'] to the correct value."))
->setBoolOptions( ->setBoolOptions(
array( array(
pht('Force HTTPS'), pht('Force HTTPS'),