From f5644ae9fb30e620a6ba05493ae6ce665b71eaec Mon Sep 17 00:00:00 2001 From: PaulePanter Date: Thu, 11 Oct 2012 04:34:32 -0400 Subject: [PATCH] =?UTF-8?q?forum=20question=20=C2=BBcreating=20CGI=20scrip?= =?UTF-8?q?t=20and=20HTTPS=C2=AB?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/forum/CGI_script_and_HTTPS.mdwn | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 doc/forum/CGI_script_and_HTTPS.mdwn diff --git a/doc/forum/CGI_script_and_HTTPS.mdwn b/doc/forum/CGI_script_and_HTTPS.mdwn new file mode 100644 index 000000000..2f255002d --- /dev/null +++ b/doc/forum/CGI_script_and_HTTPS.mdwn @@ -0,0 +1,29 @@ +Dear ikiwiki folks, + +using Debian Wheezy and ikiwiki 3.20120629 for some reason when accessing the site using HTTP (and not HTTPS), going to Edit, so executing the CGI script, all URLs are prepended with HTTPS, which I do not want. + + + +Trying to look at the source, I guess it is originating from `IkiWiki/CGI.pm`. + + sub printheader ($) { + my $session=shift; + + if (($ENV{HTTPS} && lc $ENV{HTTPS} ne "off") || $config{sslcookie}) { + print $session->header(-charset => 'utf-8', + -cookie => $session->cookie(-httponly => 1, -secure => 1)); + } + else { + print $session->header(-charset => 'utf-8', + -cookie => $session->cookie(-httponly => 1)); + } + } + +Does it check if HTTPS is enabled in the environment? During `ikiwiki --setup example.setup` or when the CGI script is run when the site is accessed (for example in an Apache environment)? + +Can this somehow be disabled in ikiwiki. Reading the code I guess I could somehow set `HTTPS = off` somewhere in the `VirtualHost` section of the Apache configuration. + + +Thanks, + +--[[PaulePanter]]