From aa3da6f5ab5d995f1d640fbb2c389762ff36807a Mon Sep 17 00:00:00 2001 From: Jason Boyer Date: Fri, 4 Dec 2015 01:17:21 -0500 Subject: [PATCH] LP1522686: Force SSL for Web Staff, Add Basic Redirect for Staff URL 1 minor change, 1 less minor change. First, add a simple redirect for staff that forget to enter the final '/' at the end of /eg/staff/. Second, and most importantly, force all connections to the web staff client to be redirected through an HTTPS connection. By default the system would accept whichever connection type you enter by hand, and fewer and fewer people actually enter the protocol specifier these days. Signed-off-by: Jason Boyer Signed-off-by: Ben Shum --- Open-ILS/examples/apache/eg_vhost.conf.in | 8 ++++++++ Open-ILS/examples/apache_24/eg_vhost.conf.in | 8 ++++++++ 2 files changed, 16 insertions(+) diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in index bf63947b68..e64c2d769a 100644 --- a/Open-ILS/examples/apache/eg_vhost.conf.in +++ b/Open-ILS/examples/apache/eg_vhost.conf.in @@ -8,6 +8,11 @@ # ---------------------------------------------------------------------------------- RedirectMatch 301 ^/$ /eg/opac/home +# ---------------------------------------------------------------------------------- +# Redirect staff to the correct URL if they forget to include the final / +# ---------------------------------------------------------------------------------- +RedirectMatch 301 ^/eg/staff$ /eg/staff/ + # ---------------------------------------------------------------------------------- # Point / to the IP address redirector # ---------------------------------------------------------------------------------- @@ -812,6 +817,9 @@ RewriteRule ^/openurl$ ${openurl:%1} [NE,PT] Options -MultiViews PerlSetVar OILSWebStopAtIndex "true" + RewriteCond %{HTTPS} off + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # sample staff-specific translation files #PerlAddVar OILSWebLocale "en_ca" #PerlAddVar OILSWebLocale "/openils/var/data/locale/staff/en-CA.po" diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in index 78fab7e548..94d5c34500 100644 --- a/Open-ILS/examples/apache_24/eg_vhost.conf.in +++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in @@ -8,6 +8,11 @@ # ---------------------------------------------------------------------------------- RedirectMatch 301 ^/$ /eg/opac/home +# ---------------------------------------------------------------------------------- +# Redirect staff to the correct URL if they forget to include the final / +# ---------------------------------------------------------------------------------- +RedirectMatch 301 ^/eg/staff$ /eg/staff/ + # ---------------------------------------------------------------------------------- # Point / to the IP address redirector # ---------------------------------------------------------------------------------- @@ -818,6 +823,9 @@ RewriteRule ^/openurl$ ${openurl:%1} [NE,PT] Options -MultiViews PerlSetVar OILSWebStopAtIndex "true" + RewriteCond %{HTTPS} off + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # sample staff-specific translation files #PerlAddVar OILSWebLocale "en_ca" #PerlAddVar OILSWebLocale "/openils/var/data/locale/staff/en-CA.po" -- 2.43.2