[LON-CAPA-cvs] cvs: doc /loncapafiles webserver.piml
raeburn
raeburn at source.lon-capa.org
Mon Jan 6 10:36:49 EST 2020
raeburn Mon Jan 6 15:36:49 2020 EDT
Modified files:
/doc/loncapafiles webserver.piml
Log:
- If Strict-Transport-Security (with max-age > 0) is set in Apache config
rewrites from https to http for specific URLs make no sense.
Index: doc/loncapafiles/webserver.piml
diff -u doc/loncapafiles/webserver.piml:1.48 doc/loncapafiles/webserver.piml:1.49
--- doc/loncapafiles/webserver.piml:1.48 Sat Jan 4 18:03:16 2020
+++ doc/loncapafiles/webserver.piml Mon Jan 6 15:36:49 2020
@@ -2,7 +2,7 @@
"http://lpml.sourceforge.net/DTD/piml.dtd">
<!-- webserver.piml -->
-<!-- $Id: webserver.piml,v 1.48 2020/01/04 18:03:16 raeburn Exp $ -->
+<!-- $Id: webserver.piml,v 1.49 2020/01/06 15:36:49 raeburn Exp $ -->
<!--
@@ -197,7 +197,7 @@
'of requests for http:// to https:// '."\n".'or:'."\n".$rewrite_off.
' - the file used to disable such rewriting'."\n\n".
'This may be because '. $curr_rewrite.' has been '.
- 'previously customized,'."\n".' or it may be because of a change '.
+ 'previously customized,'."\n".'or it may be because of a change '.
'to the files in '.$rewrite_dir."\n");
if (open(my $fh,'<',$curr_rewrite)) {
while(<$fh>) {
@@ -299,10 +299,11 @@
}
}
unless ($gotrules) {
- print('**** WARNING **** '.$curr_rewrite.' is currently set so rewrites '.
+ print('**** WARNING **** '."\n".$curr_rewrite.' is currently set so rewrites '.
'of http to https are enabled for most URLs.'."\n".
- 'It is recommended to also set rewrites from https to http '.
- 'in a file in '.$ssldir.' by including the following:'."\n".
+ 'Unless your Apache configuration includes Strict-Transport-Security '.
+ '(with max-age > 0), it is recommended to also set rewrites from https to http '.
+ 'for specific URLs in a file in '.$ssldir.' by including the following:'."\n".
"<IfModule mod_rewrite.c>\n".' '.
join("\n ", at expected)."\n".
"</IfModule>\n");
More information about the LON-CAPA-cvs
mailing list