michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-03 14:13:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix to redirect to HTTPS when we get the host from the browser URL

Browse Source
This commit is contained in:
Ilia Ross
2025-10-02 15:52:14 +03:00
parent 8932f3bd6a
commit 991795c296
1 changed files with 27 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
miniserv.pl
View File

@@ -1381,33 +1381,8 @@ $method = $page = $request_uri = undef;
print DEBUG "handle_request reqline=$reqline\n";
alarm(0);
if (!$use_ssl && $config{'ssl'} && $config{'ssl_enforce'}) {
# This is an http request when https must be enforced
local $hostname = $host;
if ($hostname !~ /\./) {
my $system_hostname = &get_system_hostname();
$hostname = $system_hostname if ($system_hostname =~ /\./);
}
local $urlhost = $config{'musthost'} || $hostname;
$urlhost = "[".$urlhost."]" if (&check_ip6address($urlhost));
local $wantport = $port;
if ($wantport == 80 &&
&indexof(443, @listening_on_ports) >= 0) {
# Connection was to port 80, but since we are also
# accepting on port 443, redirect to that
$wantport = 443;
}
local $url = $wantport == 443
? "https://$urlhost/"
: "https://$urlhost:$wantport/";
&write_data("HTTP/1.0 302 Moved Temporarily\r\n");
&write_data("Date: $datestr\r\n");
&write_data("Server: @{[&server_info()]}\r\n");
&write_data("Location: $url\r\n");
&write_keep_alive(0);
&write_data("\r\n");
&log_error("Redirecting HTTP request to HTTPS using $urlhost host");
&log_request($loghost, $authuser, $reqline, 302, 0);
return 0;
# This is an http request when https must be enforced later when
# we know the requested host
}
elsif (!$reqline && $checked_timeout > 1) {
# An empty request .. just close the connection
@@ -1510,6 +1485,31 @@ if (defined($header{'host'})) {
}
}
# This is an http request when https must be enforced
if (!$use_ssl && $config{'ssl'} && $config{'ssl_enforce'}) {
local $urlhost = $config{'musthost'} || $host;
$urlhost = "[".$urlhost."]" if (&check_ip6address($urlhost));
local $wantport = $port;
if ($wantport == 80 &&
&indexof(443, @listening_on_ports) >= 0) {
# Connection was to port 80, but since we are also
# accepting on port 443, redirect to that
$wantport = 443;
}
local $url = $wantport == 443
? "https://$urlhost/"
: "https://$urlhost:$wantport/";
&write_data("HTTP/1.0 302 Moved Temporarily\r\n");
&write_data("Date: $datestr\r\n");
&write_data("Server: @{[&server_info()]}\r\n");
&write_data("Location: $url\r\n");
&write_keep_alive(0);
&write_data("\r\n");
&log_error("Redirecting HTTP request to HTTPS using $urlhost host");
&log_request($loghost, $authuser, $reqline, 302, 0);
return 0;
}
# Create strings for use in redirects
$ssl = $config{'redirect_ssl'} ne '' ? $config{'redirect_ssl'} : $use_ssl;
$redirport = $config{'redirect_port'} || $port;