From: Andrew Dolgov Date: Sat, 6 Dec 2014 05:52:43 +0000 (+0300) Subject: if loaded over ssl and iframe is whitelisted, set its source to https X-Git-Tag: 1.15~3 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=c63850fad00f228ae9613d8f662dd4d2ff05e528;p=tt-rss.git if loaded over ssl and iframe is whitelisted, set its source to https --- diff --git a/include/functions2.php b/include/functions2.php index 29594076..31ca9803 100644 --- a/include/functions2.php +++ b/include/functions2.php @@ -911,8 +911,13 @@ foreach ($entries as $entry) { if (!iframe_whitelisted($entry)) { $entry->setAttribute('sandbox', 'allow-scripts'); + } else { + if ($_SERVER['HTTPS'] == "on") { + $entry->setAttribute("src", + str_replace("http://", "https://", + $entry->getAttribute("src"))); + } } - } $allowed_elements = array('a', 'address', 'audio', 'article', 'aside',