MyShaarli

Author	SHA1	Message	Date
ArthurHoaro	101b935de4	Merge pull request #1025 from ArthurHoaro/hotfix/proxy-443 Force HTTPS if the original port is 443 behind a reverse proxy	2017-12-03 12:46:43 +01:00
ArthurHoaro	8e9fc6f6e6	Force HTTPS if the original port is 443 behind a reverse proxy Fixes #1022	2017-12-02 15:24:35 +01:00
ArthurHoaro	91c807d275	Increase buffer size for cURL download 1kB chunk size has caused me a lot of trouble with Travis which wasn't completing the download	2017-11-11 16:49:57 +01:00
ArthurHoaro	a3130d2c2f	Make work behind a reverse proxy Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display	2017-09-02 13:50:49 +02:00
Stephen Muth	b80315e238	Respect HTTP_X_FORWARDED_HOST alongside _PORT and _PROTO Fixes #879	2017-07-08 00:01:03 +00:00
VirtualTam	ee6f4b64a9	Cleanup: use safe boolean comparisons Signed-off-by: VirtualTam <virtualtam@flibidi.net>	2017-01-07 14:37:40 +01:00
ArthurHoaro	8e4be77368	Hide default port in local URL behind a reverse proxy	2017-01-03 14:17:05 +01:00
Arthur	adcdac1dec	Merge pull request #623 from ArthurHoaro/security/reverse-proxy-ban Add trusted IPs in config and try to ban forwarded IP on failed login	2016-10-12 14:48:57 +02:00
julienCXX	634783f916	Set cURL as default in HTTP fetching, a fallback method and consistency fixup between both methods	2016-08-08 20:45:50 +02:00
ArthurHoaro	50d1791838	Add trusted IPs in config and try to ban forwarded IP on failed login * Add a new settings (which needs to be manually set): `security.trusted_proxies` * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers. * If found, the client address is added in ipbans, else we do nothing. Fixes #409	2016-08-03 10:36:47 +02:00
ArthurHoaro	5046bcb6ab	Fix startsWith and endsWith case	2016-05-10 23:31:41 +02:00
ArthurHoaro	caa69b5853	typo	2016-05-05 13:28:43 +02:00
ArthurHoaro	ce7b0b6480	Fixes #531 - Title retrieving is failing with multiple use case see https://github.com/shaarli/Shaarli/issues/531 for details	2016-05-03 19:51:29 +02:00
ArthurHoaro	85244fa0d0	Fixes #477 : support multi reverse proxy with comma syntax Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.	2016-02-28 16:24:18 +01:00
VirtualTam	fc17813bd1	tests: add a make target to check file permissions Additions: - [makefile] check versioned files are not executable - [travis] call the new make target Signed-off-by: VirtualTam <virtualtam@flibidi.net>	2016-01-17 21:02:24 +01:00
ArthurHoaro	1557cefbd7	Fixes #410 - Retrieve title fails in multiple cases * `get_http_url()` renamed to `get_http_response()`. * Use the same HTTP context to retrieve response headers and content. * Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections). * Add `LinkUtils` to extract titles and charset. * Try to retrieve charset from HTTP headers first (new), then HTML content. * Use mb_string to re-encode title if necessary.	2016-01-11 21:19:31 +01:00
VirtualTam	482d67bd52	HTTP: move server URL functions to `HttpUtils.php` Relates to #333 Modifications: - refactor server URL utility functions - do not access global `$_SERVER` variables - add test coverage - improve readability - apply coding conventions Signed-off-by: VirtualTam <virtualtam@flibidi.net>	2015-09-14 20:27:16 +02:00
VirtualTam	451314eb48	HTTP: move utils to a proper file, add tests Relates to #333 Modifications: - move HTTP utils to 'application/HttpUtils.php' - simplify logic - replace 'http_parse_headers_shaarli' by built-in 'get_headers()' - remove superfluous '$status' parameter (provided by the HTTP headers) - apply coding conventions - add test coverage (unitary only) Signed-off-by: VirtualTam <virtualtam@flibidi.net>	2015-09-06 19:30:26 +02:00

18 commits