From: Galen Charlton <gmc@esilibrary.com>
Date: Thu, 26 Sep 2013 21:24:42 +0000 (-0700)
Subject: LP#1207281: require SSL when downloading offline patron list
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=82ac0e6ea70f1b0b4607622b2c50b0b107b259b7;p=evergreen%2Fpines.git

LP#1207281: require SSL when downloading offline patron list

This patch builds on the previous one by forcing use of
SSL for downloading the offline patron list.  It also
updates the Apache 2.4 example configuration.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
---

diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in
index 6d5a18e4fe..1de2212cdf 100644
--- a/Open-ILS/examples/apache/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache/eg_vhost.conf.in
@@ -488,6 +488,7 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     require valid-user
     PerlSendHeader On
     allow from all
+    SSLRequireSSL
 </Location>
 
 # ----------------------------------------------------------------------------------
diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in
index 0d67b54ff2..f530f2935e 100644
--- a/Open-ILS/examples/apache_24/eg_vhost.conf.in
+++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in
@@ -480,6 +480,20 @@ RewriteRule .? - [E=locale:%{HTTP:Accept-Language}]
     Require all granted 
 </Location>
 
+# ----------------------------------------------------------------------------------
+# Protect Standalone/Offline mode files from public view
+# ----------------------------------------------------------------------------------
+<Location /standalone/>
+    AuthType Basic
+    AuthName "Standalone Mode Login"
+    PerlOptions +GlobalRequest
+    PerlSetVar OILSProxyPermissions "STAFF_LOGIN"
+    PerlAuthenHandler OpenILS::WWW::Proxy::Authen
+    require valid-user
+    PerlSendHeader On
+    allow from all
+    SSLRequireSSL
+</Location>
 
 # ----------------------------------------------------------------------------------
 # Reporting output lives here
diff --git a/Open-ILS/xul/staff_client/chrome/content/main/menu.js b/Open-ILS/xul/staff_client/chrome/content/main/menu.js
index b69ebec47a..2f16bfd761 100644
--- a/Open-ILS/xul/staff_client/chrome/content/main/menu.js
+++ b/Open-ILS/xul/staff_client/chrome/content/main/menu.js
@@ -1391,7 +1391,7 @@ main.menu.prototype = {
                 function() {
                     try {
                         var x = new XMLHttpRequest();
-                        var url = 'http://' + XML_HTTP_SERVER + '/standalone/list.txt';
+                        var url = 'https://' + XML_HTTP_SERVER + '/standalone/list.txt';
                         x.open("GET",url,false);
                         x.send(null);
                         if (x.status == 200) {