[kforge-user] http vs. https

• Next message: [kforge-user] http vs. https
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Gunnar,

So, this aspect is a bit of a mess, and I'm not exactly sure what to do 
about it.

The www.port_https config option just controls which port https is 
served on. But KForge apache config builder doesn't now take 
responsibility for configuring a virtual server, but just creates a 
"fragment" of apache config which can be included in a virtual server 
(along with other things, as required).

Rufus and I spotted that there is some code which creates full URLs, and 
an "http://" is hard-coded in here, which isn't great.

So, for now I suggest that if you want to force users to go through 
https, then configure your Web server to redirect.

Hopefully we'll put some more design into this, so if you've got any 
good ideas, do let us know.

Best wishes,

John.





Gunnar Johansson wrote:
> Hi,
>
> I have a minor "bug" to report. We force our users to go through  
> https when accessing the server, but the URLs for services seem to be  
> hard-coded into http.  Any suggestions on how to automatically detect  
> how the page is called?  I see there's a www.port_https option in the  
> kforge config - does this have any relevance?
>
> Cheers,
> Gunnar
>
>
> _______________________________________________
> kforge-user mailing list
> kforge-user at lists.okfn.org
> http://lists.okfn.org/mailman/listinfo/kforge-user
>
>
>
>   


-- 
Appropriate Software Foundation
Registered in England and Wales
17 Chapel Street, Hyde Cheshire
Company number: 04977110
W: appropriatesoftware.net
T: 0870 720 2944
M: 0781 139 2292

• Next message: [kforge-user] http vs. https
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]