From c63850fad00f228ae9613d8f662dd4d2ff05e528 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Sat, 6 Dec 2014 08:52:43 +0300 Subject: [PATCH] if loaded over ssl and iframe is whitelisted, set its source to https --- include/functions2.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/include/functions2.php b/include/functions2.php index 29594076..31ca9803 100644 --- a/include/functions2.php +++ b/include/functions2.php @@ -911,8 +911,13 @@ foreach ($entries as $entry) { if (!iframe_whitelisted($entry)) { $entry->setAttribute('sandbox', 'allow-scripts'); + } else { + if ($_SERVER['HTTPS'] == "on") { + $entry->setAttribute("src", + str_replace("http://", "https://", + $entry->getAttribute("src"))); + } } - } $allowed_elements = array('a', 'address', 'audio', 'article', 'aside', -- 2.39.5