add sanity check for SELF_URL_PATH going to http url if server is accessed over https

author Andrew Dolgov <noreply@fakecake.org>

Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)

committer Andrew Dolgov <noreply@fakecake.org>

Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)
author Andrew Dolgov <noreply@fakecake.org>
Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)
committer Andrew Dolgov <noreply@fakecake.org>
Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)
diff --git a/include/sanity_check.php b/include/sanity_check.php

index 3b3e281ec7932c07f16630df73f8c52d51a41ff3..12cc5579df02316f2b72db48de4aac9d36c7553f 100755 (executable)
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -147,6 +147,12 @@
                         if (!class_exists("DOMDocument")) {
                                 array_push($errors, "PHP support for DOMDocument is required, but was not found.");
                         }
+
+                       $self_scheme = parse_url(SELF_URL_PATH, PHP_URL_SCHEME);
+
+                       if ($_SERVER['HTTPS'] && $self_scheme == 'http') {
+                               array_push($errors, "You are accessing tt-rss over SSL but SELF_URL_PATH in config.php refers to a http:// URL.");
+                       }
                 }
  
                 if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?>
author	Andrew Dolgov <noreply@fakecake.org>
	Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)
committer	Andrew Dolgov <noreply@fakecake.org>
	Fri, 5 May 2017 07:16:54 +0000 (10:16 +0300)