From: Jason Boyer Date: Fri, 4 Dec 2015 06:17:21 +0000 (-0500) Subject: LP1522686: Force SSL for Web Staff, Add Basic Redirect for Staff URL X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=aa3da6f5ab5d995f1d640fbb2c389762ff36807a;p=evergreen%2Fmasslnc.git LP1522686: Force SSL for Web Staff, Add Basic Redirect for Staff URL 1 minor change, 1 less minor change. First, add a simple redirect for staff that forget to enter the final '/' at the end of /eg/staff/. Second, and most importantly, force all connections to the web staff client to be redirected through an HTTPS connection. By default the system would accept whichever connection type you enter by hand, and fewer and fewer people actually enter the protocol specifier these days. Signed-off-by: Jason Boyer Signed-off-by: Ben Shum --- diff --git a/Open-ILS/examples/apache/eg_vhost.conf.in b/Open-ILS/examples/apache/eg_vhost.conf.in index bf63947b68..e64c2d769a 100644 --- a/Open-ILS/examples/apache/eg_vhost.conf.in +++ b/Open-ILS/examples/apache/eg_vhost.conf.in @@ -9,6 +9,11 @@ RedirectMatch 301 ^/$ /eg/opac/home # ---------------------------------------------------------------------------------- +# Redirect staff to the correct URL if they forget to include the final / +# ---------------------------------------------------------------------------------- +RedirectMatch 301 ^/eg/staff$ /eg/staff/ + +# ---------------------------------------------------------------------------------- # Point / to the IP address redirector # ---------------------------------------------------------------------------------- # @@ -812,6 +817,9 @@ RewriteRule ^/openurl$ ${openurl:%1} [NE,PT] Options -MultiViews PerlSetVar OILSWebStopAtIndex "true" + RewriteCond %{HTTPS} off + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # sample staff-specific translation files #PerlAddVar OILSWebLocale "en_ca" #PerlAddVar OILSWebLocale "/openils/var/data/locale/staff/en-CA.po" diff --git a/Open-ILS/examples/apache_24/eg_vhost.conf.in b/Open-ILS/examples/apache_24/eg_vhost.conf.in index 78fab7e548..94d5c34500 100644 --- a/Open-ILS/examples/apache_24/eg_vhost.conf.in +++ b/Open-ILS/examples/apache_24/eg_vhost.conf.in @@ -9,6 +9,11 @@ RedirectMatch 301 ^/$ /eg/opac/home # ---------------------------------------------------------------------------------- +# Redirect staff to the correct URL if they forget to include the final / +# ---------------------------------------------------------------------------------- +RedirectMatch 301 ^/eg/staff$ /eg/staff/ + +# ---------------------------------------------------------------------------------- # Point / to the IP address redirector # ---------------------------------------------------------------------------------- # @@ -818,6 +823,9 @@ RewriteRule ^/openurl$ ${openurl:%1} [NE,PT] Options -MultiViews PerlSetVar OILSWebStopAtIndex "true" + RewriteCond %{HTTPS} off + RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [NE,R,L] + # sample staff-specific translation files #PerlAddVar OILSWebLocale "en_ca" #PerlAddVar OILSWebLocale "/openils/var/data/locale/staff/en-CA.po"