Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

stable

Clone or download

Read-only

Assume Tuleap is always reached over HTTPS

Download Browse

The sys_https_host setting is removed as it is no more used. It should not change a lot of things: * we already upgrade insecure requests in the nginx configuration by default * the default setup set the same value for sys_https_host and sys_default_domain * the `upgrade-insecure-requests` CSP directive already tell browsers to upgrade the connection when they can if needed * we already uses sys_https_host without verification in few spots The only instances that could encounter an issue are the ones that had an empty sys_https_host value with no HTTPS setup or a different value in sys_default_domain and sys_https_host. Part of request #22669: Allow to disable HTTP->HTTPS redirection Closes request #22710: Login forms uses different action URLs depending on the page Change-Id: I701308fa625cec69553a920ff07248bdb1bb1149

+278 −1239
Thomas Gerbet (tgerbet) 2021-08-30 15:54
Thomas Gerbet (tgerbet) 2021-09-17 13:51
4a7bc424fa94de6c239cfe1e4b984fcb628ba58d
264e3a3ff5807af1cf4e28bc55d7717772eba51e
git #tuleap/stable/4a7bc424fa94de6c239cfe1e4b984fcb628ba58d

Modified Files

Side by side diff
Inline diff
Name
M plugins/dynamic_credentials/include/REST/RequestSignatureVerifier.php +2 −1 Go to diff View file
M plugins/dynamic_credentials/tests/unit/REST/RequestSignatureVerifierTest.php +1 −1 Go to diff View file
M plugins/git/include/Git/Driver/Gerrit/ProjectCreator.class.php +2 −2 Go to diff View file
M plugins/git/include/Git/Gitolite/GitoliteAccessURLGenerator.php +3 −3 Go to diff View file
M plugins/git/include/Git/Hook/PostReceiveMailSender.php +2 −1 Go to diff View file
M plugins/mediawiki/fusionforge/compat/utils.php +4 −9 Go to diff View file
M plugins/mediawiki/www/LocalSettings.php +1 −1 Go to diff View file
M plugins/oauth2_server/include/OpenIDConnect/Issuer.php +3 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/OpenIDConnect/Discovery/ConfigurationResponseRepresentationBuilderTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/OpenIDConnect/Discovery/DiscoveryControllerTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/OpenIDConnect/IDToken/OpenIDConnectIDTokenCreatorTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/OpenIDConnect/IssuerTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/REST/Specification/Swagger/SwaggerJsonOAuth2SecurityDefinitionTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/User/UserInfoControllerTest.php +1 −1 Go to diff View file
M plugins/oauth2_server/tests/unit/User/UserInfoResponseRepresentationTest.php +1 −1 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Administration/Presenter.php +3 −7 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Authentication/AzureADUserLinkController.php +0 −14 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Provider/AzureADProvider/AzureADProvider.php +2 −2 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Provider/GenericProvider/GenericProvider.php +2 −2 Go to diff View file
M plugins/openidconnectclient/include/OpenIDConnectClient/Router.php +0 −13 Go to diff View file
M plugins/openidconnectclient/include/openidconnectclientPlugin.php +0 −8 Go to diff View file
M plugins/openidconnectclient/site-content/fr_FR/LC_MESSAGES/tuleap-openidconnectclient.po +0 −7 Go to diff View file
M plugins/openidconnectclient/tests/unit/Authentication/AzureADUserLinkControllerTest.php +3 −12 Go to diff View file
M plugins/openidconnectclient/tests/unit/RouterTest.php +7 −12 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Artifact.php +1 −1 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/Changeset/PostCreation/EmailNotificationTask.php +3 −3 Go to diff View file
M plugins/tracker/include/Tracker/Artifact/MailGateway/RecipientFactory.class.php +1 −1 Go to diff View file
M plugins/tracker/include/Tracker/Creation/JiraImporter/Import/User/JiraTuleapUsersMapping.php +2 −1 Go to diff View file
M plugins/tracker/include/Tracker/DateReminder/Tracker_DateReminderManager.class.php +4 −6 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_ArtifactId.php +1 −2 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_File.php +1 −2 Go to diff View file
M plugins/tracker/include/Tracker/FormElement/Tracker_FormElement_Field_PerTrackerArtifactIdclass.php +1 −2 Go to diff View file
M plugins/tracker/include/Tracker/Tracker.class.php +1 −1 Go to diff View file
M plugins/webdav/include/BrowserPlugin.class.php +6 −6 Go to diff View file
D plugins/webdav/include/Webdav_URLVerification.class.php +0 −97 Go to diff View file
M plugins/webdav/include/webdavPlugin.php +0 −16 Go to diff View file
D plugins/webdav/tests/unit/WebdavURLVerificationTest.php +0 −161 Go to diff View file
M site-content/en_US/file/qrs_attach_file.txt +2 −2 Go to diff View file
M site-content/fr_FR/file/qrs_attach_file.txt +2 −2 Go to diff View file
M src/common/CLI/Command/HealthCheckCommand.php +6 −5 Go to diff View file
M src/common/MailingList/MailingListDoCreateController.php +1 −3 Go to diff View file
M src/common/MailingList/MailingListPresenterBuilder.php +1 −2 Go to diff View file
M src/common/Project/ProjectCreator.class.php +3 −3 Go to diff View file
M src/common/Project/Service/ServiceCreator.php +3 −7 Go to diff View file
M src/common/Project/Service/ServiceLinkDataBuilder.php +3 −7 Go to diff View file
M src/common/REST/GateKeeper.class.php +8 −22 Go to diff View file
M src/common/REST/Header.class.php +2 −2 Go to diff View file
M src/common/Service/ServiceCreator.php +5 −8 Go to diff View file
M src/common/Session/PHP_Session.class.php +1 −1 Go to diff View file
M src/common/User/Account/UserWellKnownChangePasswordController.php +2 −1 Go to diff View file
M src/common/User/LoginPresenterBuilder.php +3 −4 Go to diff View file
M src/common/Widget/Widget_ProjectPublicAreas.class.php +1 −1 Go to diff View file
M src/common/include/CookieManager.php +1 −10 Go to diff View file
M src/common/include/HTTPRequest.class.php +4 −62 Go to diff View file
M src/common/include/InstanceBaseURLBuilder.php +1 −6 Go to diff View file
A src/common/include/ServerHostname.php +46 −0 Go to diff View file
M src/common/include/URLVerification.class.php +7 −47 Go to diff View file
M src/common/layout/ProjectSidebarBuilder.php +3 −6 Go to diff View file
M src/common/layout/SiteHomepageController.php +2 −9 Go to diff View file
M src/common/log/TuleapIdentifierProcessor.php +2 −1 Go to diff View file
M src/common/tracker/Artifact.class.php +1 −1 Go to diff View file
M src/common/wiki/phpwiki/lib/IniConfig.php +1 −5 Go to diff View file
M src/etc/local.inc.dist +3 −20 Go to diff View file
M src/templates/homepage/homepage-sign-in.mustache +3 −3 Go to diff View file
M src/templates/homepage/homepage.mustache +1 −1 Go to diff View file
M src/themes/BurningParrot/include/HomePagePresenter.php +0 −3 Go to diff View file
M src/utils/cvs1/log_accum +3 −10 Go to diff View file
M src/utils/include.py +1 −3 Go to diff View file
M src/utils/svn/commit-email.pl +5 −10 Go to diff View file
M src/www/account/deleted.php +0 −1 Go to diff View file
M src/www/account/login.php +0 −1 Go to diff View file
M src/www/include/utils.php +2 −11 Go to diff View file
M src/www/soap/codendi.wsdl.php +2 −8 Go to diff View file
M src/www/soap/index.php +1 −8 Go to diff View file
M src/www/soap/project/index.php +2 −8 Go to diff View file
M src/www/soap/svn/index.php +2 −8 Go to diff View file
M src/www/svn/svn_intro.php +1 −8 Go to diff View file
M tests/e2e/full/tuleap/setup.sh +0 −1 Go to diff View file
M tests/integration/_fixtures/local.inc +0 −10 Go to diff View file
M tests/integration/bin/setup.sh +0 −2 Go to diff View file
M tests/rest/bin/setup.sh +0 −2 Go to diff View file
M tests/soap/bin/setup.sh +0 −1 Go to diff View file
M tests/unit/common/Include/CookieManagerTest.php +2 −19 Go to diff View file
D tests/unit/common/Include/HTTPRequest/HTTPRequestGetServerURLConfigFallbackTests.php +0 −70 Go to diff View file
D tests/unit/common/Include/HTTPRequest/HTTPRequestGetServerURLSSLTests.php +0 −93 Go to diff View file
D tests/unit/common/Include/HTTPRequest/HTTPRequestGetServerURLTests.php +0 −49 Go to diff View file
D tests/unit/common/Include/HTTPRequest/HTTPRequestGetServerURLTrustedProxyTests.php +0 −145 Go to diff View file
M tests/unit/common/Include/HTTPRequest/HTTPRequestTest.php +8 −0 Go to diff View file
M tests/unit/common/Include/InstanceBaseURLBuilderTest.php +1 −10 Go to diff View file
A tests/unit/common/Include/ServerHostnameTest.php +48 −0 Go to diff View file
M tests/unit/common/Include/URLRedirectTest.php +0 −1 Go to diff View file
M tests/unit/common/Include/UrlVerification/URLVerificationRedirectionTests.php +3 −4 Go to diff View file
M tests/unit/common/Include/UrlVerification/URLVerificationTest.php +3 −79 Go to diff View file
M tests/unit/common/Include/UrlVerification/URLVerificationWithAnonymousTest.php +4 −4 Go to diff View file
M tests/unit/common/REST/GateKeeperTest.php +6 −24 Go to diff View file
M tests/unit/common/Reference/ReferenceManagerTest.php +2 −2 Go to diff View file
M tests/unit/common/User/Account/UserWellKnownChangePasswordControllerTest.php +1 −1 Go to diff View file