Add option to enforce https connections

author: thomascube <thomas@roundcube.net> 2009-07-02 06:38:26 +0000
committer: thomascube <thomas@roundcube.net> 2009-07-02 06:38:26 +0000
commit: e48a10a0d7ba44261ce118c024596f61266ff20a (patch)
tree: 61ba9a3aa125887411a4981090c1acf3b6e6a25c /index.php
parent: e40091bffd057c8d1dfb7565bfb93f01e9429713 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/index.php b/index.php
index e8111b113..2767277f7 100644
--- a/index.php
+++ b/index.php
@@ -2,7 +2,7 @@
 /*
  +-------------------------------------------------------------------------+
  | RoundCube Webmail IMAP Client                                           |
- | Version 0.3-20090419                                                    |
+ | Version 0.3-20090702                                                    |
  |                                                                         |
  | Copyright (C) 2005-2009, RoundCube Dev. - Switzerland                   |
  |                                                                         |
@@ -63,6 +63,11 @@ if ($RCMAIL->action=='error' && !empty($_GET['_code'])) {
   raise_error(array('code' => hexdec($_GET['_code'])), FALSE, TRUE);
 }
 
+// check if https is required (for login) and redirect if necessary
+if ($RCMAIL->config->get('force_https', false) && empty($_SESSION['user_id']) && !(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == 443)) {
+  header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
+  exit;
+}
 
 // trigger startup plugin hook
 $startup = $RCMAIL->plugins->exec_hook('startup', array('task' => $RCMAIL->task, 'action' => $RCMAIL->action));
author	thomascube <thomas@roundcube.net>	2009-07-02 06:38:26 +0000
committer	thomascube <thomas@roundcube.net>	2009-07-02 06:38:26 +0000
commit	e48a10a0d7ba44261ce118c024596f61266ff20a (patch)
tree	61ba9a3aa125887411a4981090c1acf3b6e6a25c /index.php
parent	e40091bffd057c8d1dfb7565bfb93f01e9429713 (diff)