diff options
| author | Simon Rettberg | 2017-03-29 13:22:08 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2017-03-29 13:22:08 +0200 |
| commit | 134a933f87b82d49b741b987d67de0eb44c903c6 (patch) | |
| tree | 93f75401362a5fb5a04872e9c7de7437411160cb /modules-available/webinterface | |
| parent | Add param to disable HSTS, set headers to prevent caching (diff) | |
| download | slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.tar.gz slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.tar.xz slx-admin-134a933f87b82d49b741b987d67de0eb44c903c6.zip | |
[webinterface] Try to redirect back to HTTP when HTTPS gets disabled
Diffstat (limited to 'modules-available/webinterface')
| -rw-r--r-- | modules-available/webinterface/page.inc.php | 5 | ||||
| -rw-r--r-- | modules-available/webinterface/templates/httpd-restart.html | 38 |
2 files changed, 41 insertions, 2 deletions
diff --git a/modules-available/webinterface/page.inc.php b/modules-available/webinterface/page.inc.php index 35e14dc5..93d659f0 100644 --- a/modules-available/webinterface/page.inc.php +++ b/modules-available/webinterface/page.inc.php @@ -26,9 +26,11 @@ class Page_WebInterface extends Page private function actionConfigureHttps() { $task = false; + $off = ''; switch (Request::post('mode')) { case 'off': $task = $this->setHttpsOff(); + $off = '&hsts=off'; break; case 'random': $task = $this->setHttpsRandomCert(); @@ -42,7 +44,7 @@ class Page_WebInterface extends Page } if (isset($task['id'])) { Session::set('https-id', $task['id']); - Util::redirect('?do=WebInterface&show=httpsupdate'); + Util::redirect('?do=WebInterface&show=httpsupdate' . $off); } Util::redirect('?do=WebInterface'); } @@ -117,6 +119,7 @@ class Page_WebInterface extends Page private function setHttpsOff() { Property::set(self::PROP_TYPE, 'off'); + Header('Strict-Transport-Security: max-age=0', true); return Taskmanager::submit('LighttpdHttps', array()); } diff --git a/modules-available/webinterface/templates/httpd-restart.html b/modules-available/webinterface/templates/httpd-restart.html index cc84aafb..ac4e726b 100644 --- a/modules-available/webinterface/templates/httpd-restart.html +++ b/modules-available/webinterface/templates/httpd-restart.html @@ -1,6 +1,42 @@ <div class="panel panel-default"> <div class="panel-heading">{{lang_applyingSettings}}</div> <div class="panel-body"> - <div data-tm-id="{{taskid}}" data-tm-log="error">{{lang_installAndRestart}}</div> + <div data-tm-id="{{taskid}}" data-tm-log="error" data-tm-callback="slxRestartCb">{{lang_installAndRestart}}</div> </div> </div> +<script type="application/javascript"><!-- + +var slxRedirTimeout = 0; +var slxRedirTimer = false; + +function slxRestartCb(task) { + if (!task || !task.statusCode) + return; + if (task.statusCode === 'TASK_WAITING' || task.statusCode === 'TASK_PROCESSING') { + // Polling still works, reset counter + console.log('Resetting because ' + task.statusCode); + slxRedirTimeout = 0; + } else { + console.log('Disabling because ' + task.statusCode); + clearInterval(slxRedirTimer); + window.location.replace(window.location.href.replace('&show=httpsupdate', '')); + } +} + +slxRedirTimer = setInterval(function() { + // Didn't get status update from TM for 6 seconds - try to switch protocols + if (++slxRedirTimeout > 6) { + console.log('TIMEOUT REACHED'); + clearInterval(slxRedirTimer); + var url = window.location.href.split(':', 2)[1]; + if (window.location.protocol === 'https:') { + url = 'http:' + url; + } else { + url = 'https:' + url; + } + console.log('REDIRECT TO ' + url); + window.location.replace(url); + } +}, 1000); + +//--></script>
\ No newline at end of file |