1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
this is a [[patch]], really, with full description builtin:
<pre>
From 8f16b20818a14f27bb18aa3016d5808dd56082c9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@koumbit.org>
Date: Wed, 18 Nov 2015 23:08:10 -0500
Subject: [PATCH] fix ssl redirections
it seems the previous redirections were not doing anything, or more
precisely, they were looping:
RewriteRule ^/(.*) <TMPL_VAR URL_ESCAPED> [L,R,NE]
... was generting the following rule:
RewriteRule ^/(.*) [L,R,NE]
because url_escaped wasn't passed to the template. but even if was, it
would still do an infinite redirect loop on itself. what it needs is
https_url_escaped, which wasn't passed either.
---
ikisite | 4 ++++
templates/apache-site.tmpl | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/ikisite b/ikisite
index 9197ca3..a847c20 100755
--- a/ikisite
+++ b/ikisite
@@ -1621,6 +1621,10 @@ sub enable {
cgidir => cgidir($hostname),
logdir => logdir($hostname),
source_hostname => "source.$hostname",
+ # Value escaped to prevent leakage
+ # into RewriteEngine regexp.
+ url_escaped => quotemeta($redirurl),
+ https_url_escaped => quotemeta($httpsredirurl),
@ssl_template_vars
);
diff --git a/templates/apache-site.tmpl b/templates/apache-site.tmpl
index 58e8697..7823b87 100644
--- a/templates/apache-site.tmpl
+++ b/templates/apache-site.tmpl
@@ -15,7 +15,7 @@
<TMPL_IF REDIRECT_TO_HTTPS>
RewriteEngine On
- RewriteRule ^/(.*) <TMPL_VAR URL_ESCAPED>$1 [L,R,NE]
+ RewriteRule ^/(.*) <TMPL_VAR HTTPS_URL_ESCAPED>$1 [L,R,NE]
<TMPL_ELSE>
DocumentRoot <TMPL_VAR DESTDIR>
<Directory />
--
2.1.4
</pre>
works in production in http://anarc.at/ (encrypted with letsencrypt!). -- [[anarcat]]
> [[applied|done]] --[[Joey]]
|
