projects / evergreen / pines.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: df6f41a)
LP#1207281: require SSL when downloading offline patron list
authorGalen Charlton <gmc@esilibrary.com>
Thu, 26 Sep 2013 21:24:42 +0000 (14:24 -0700)
committerBill Erickson <berick@esilibrary.com>
Thu, 3 Oct 2013 14:21:27 +0000 (10:21 -0400)
This patch builds on the previous one by forcing use of
SSL for downloading the offline patron list.  It also
updates the Apache 2.4 example configuration.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
Open-ILS/examples/apache/eg_vhost.conf.in patch | blob | history
Open-ILS/examples/apache_24/eg_vhost.conf.in patch | blob | history
Open-ILS/xul/staff_client/chrome/content/main/menu.js patch | blob | history

diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index 6d5a18e..1de2212 100644 (file)
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -488,6 +488,7 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     require valid-user
     PerlSendHeader On
     allow from all
+    SSLRequireSSL
 </Location>
 
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index 0d67b54..f530f29 100644 (file)
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -480,6 +480,20 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     Require all granted 
 </Location>
 
+# ----------------------------------------------------------------------------------
+# Protect Standalone/Offline mode files from public view
+# ----------------------------------------------------------------------------------
+<Location /standalone/>
+    AuthType Basic
+    AuthName "Standalone Mode Login"
+    PerlOptions +GlobalRequest
+    PerlSetVar OILSProxyPermissions "STAFF_LOGIN"
+    PerlAuthenHandler OpenILS::WWW::Proxy::Authen
+    require valid-user
+    PerlSendHeader On
+    allow from all
+    SSLRequireSSL
+</Location>
 
 # ----------------------------------------------------------------------------------
 # Reporting output lives here
diff --git a/Open-ILS/xul/staff_client/chrome/content/main/menu.js b/Open-ILS/xul/staff_client/chrome/content/main/menu.js
index b69ebec..2f16bfd 100644 (file)
--- a/Open-ILS/xul/staff_client/chrome/content/main/menu.js
+++ b/Open-ILS/xul/staff_client/chrome/content/main/menu.js
@@ -1391,7 +1391,7 @@ main.menu.prototype = {
                 function() {
                     try {
                         var x = new XMLHttpRequest();
-                        var url = 'http://' + XML_HTTP_SERVER + '/standalone/list.txt';
+                        var url = 'https://' + XML_HTTP_SERVER + '/standalone/list.txt';
                         x.open("GET",url,false);
                         x.send(null);
                         if (x.status == 200) {
Evergreen working repo (PINES)