-
-
Notifications
You must be signed in to change notification settings - Fork 10.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
forceAdminSSL may need to redirect to another domain #1838
Comments
Implemented in PR #1809 . |
This issue has gone into a special 0.4.1 milestone for a maintenance release sometime within the next month. Master will continue to be work in progress for the active milestone 0.5. A special 0.4-maintenance branch has been created. The workflow for these fixes is that PRs for 0.4.1 should be made to that branch rather than master and then I will merge it back into master. Unfortunately, it's not possible to change open PRs to go to a different branch, a brand new PR has to be created & the old one closed.There were already many PRs open for the 0.4.1 issues before the branch was created, and I am not asking or requiring anyone with an already open PR to master to do this - I am able to manually merge the changes into the right branch. However, I will appreciate anyone who has a few minutes to save me the job 👍 |
From #1809: I'll try to structure what I wrote above. Adding a second domain adds some complexity we should think about. At the moment we have two configuration options to force the use of SSL.
If the scheme of
The
Now the tricky part. I would suggest using
Have I forgotten anything? |
@ErisDS @sebgie As I looked into it deeper, I wanted to get your opinion. Implementing Basically, the proper implementation would change all the places where In order to minimize code changes, one could use [ So to me that started to look like a bigger change than warranted for just forcing Admin portion to SSL. What do you think? Am I totally off here? I reckon it would suffice to keep this contained to For me personally, the most important case is really just denying access, via Thoughts? |
FYI #1858 just got merged in which cleaned up some of those issues. I haven't really investigated thoroughly but just wanted to alert you that some of the pain points may have been mitigated. |
@hswolff Perfect timing! 👍 Yeah, looks like the Ok, so the current idea is to modify P.S. This is a good example where in multi-threaded frameworks thread-local variables can come to the rescue. In Node.js this will have to be more inventive. |
I think I figured it out. Just need to test more, and probably add a bunch of unit tests for the new expected flows. |
- adding `forceAdminSSL: {redirect: true/false}` option to allow 403 over non-SSL rather than redirect - adding `urlSSL` option to specify SSL variant of `url` - using `urlSSL` when redirecting to SSL (forceAdminSSL), if specified - dynamically patching `.url` property for view engine templates to use SSL variant over HTTPS connections (pass `.secure` property as view engine data) - using `urlSSL` in a "reset password" email, if specified - adding unit tests to test `forceAdminSSL` and `urlSSL` options - created a unit test utility function to dynamically fork a new instance of Ghost during the test, with different configuration options
Finally managed to find time to finish this. Creating unit tests took a while, but I have now added support for 'forking' new instance of Ghost during unit tests to be able to test various configuration options (not just single static configuration from the default config.js file). As I was merging today there were a few conflicts, since code has moved on since I started on this. I believe I have accounted for the new changes, such as /tags/ URLs, and tested locally. Looks like it's working fine, and uses the |
closes TryGhost#1838 - adding `forceAdminSSL: {redirect: true/false}` option to allow 403 over non-SSL rather than redirect - adding `urlSSL` option to specify SSL variant of `url` - using `urlSSL` when redirecting to SSL (forceAdminSSL), if specified - dynamically patching `.url` property for view engine templates to use SSL variant over HTTPS connections (pass `.secure` property as view engine data) - using `urlSSL` in a "reset password" email, if specified - adding unit tests to test `forceAdminSSL` and `urlSSL` options - created a unit test utility function to dynamically fork a new instance of Ghost during the test, with different configuration options
@gimelfarb thank you for updating and your endurance :-). I have tested it locally and it is imo good to merge 👍. |
No worries. Glad I was able to contribute! |
This is an enhancement to the current handling, where a 301 redirect is issued to "https://" URL using the same hostname as configured in the ".url" property of the config. This behavior may not always be appropriate.
Take Heroku for example. The SSL endpoint for a custom domain is a premium feature. So for free accounts custom domain (e.g. "www.myblog.com") is available via HTTP only. However, HTTPS is available via the default "https://myblog.herokuapp.com", using Heroku's domain for your app.
Since it is not desirable to access Ghost Admin via HTTP connection, the "http://www.myblog.com/ghost" should either be disallowed or redirect to "https://myblog.herokuapp.com".
Proposed features:
.url
property for Admin accessThese are for when
forceAdminSSL: true
is set.The text was updated successfully, but these errors were encountered: