restrict sslify to img tags by default - set config system.sslify_everything if you want to proxy media files also.

3 files changed, 13 insertions, 3 deletions

diff --git a/include/api.php b/include/api.php
index 73f4f57d0..ad29625d8 100644
--- a/include/api.php
+++ b/include/api.php
@@ -75,8 +75,9 @@ require_once('include/attach.php');
 		try {
 			$oauth = new FKOAuth1();
 			$req = OAuthRequest::from_request();
+
 			list($consumer,$token) = $oauth->verify_request($req);
-//			list($consumer,$token) = $oauth->verify_request(OAuthRequest::from_request());
+
 			if (!is_null($token)){
 				$oauth->loginUser($token->uid);
 
diff --git a/include/text.php b/include/text.php
index c30be77b8..5df7bb4a1 100644
--- a/include/text.php
+++ b/include/text.php
@@ -912,8 +912,17 @@ function sslify($s) {
 	if (strpos(z_root(),'https:') === false)
 		return $s;
 
+	// By default we'll only sslify img tags because media files will probably choke.
+	// You can set sslify_everything if you want - but it will likely white-screen if it hits your php memory limit.
+	// The downside is that http: media files will likely be blocked by your browser
+	// Complain to your browser maker
+
+	$allow = get_config('system','sslify_everything');
+	
+	$pattern = (($allow) ? "/\<(.*?)src=\"(http\:.*?)\"(.*?)\>/" : "/\<img(.*?)src=\"(http\:.*?)\"(.*?)\>/" ); 
+
 	$matches = null;
-	$cnt = preg_match_all("/\<(.*?)src=\"(http\:.*?)\"(.*?)\>/",$s,$matches,PREG_SET_ORDER);
+	$cnt = preg_match_all($pattern,$s,$matches,PREG_SET_ORDER);
 	if ($cnt) {
 		foreach ($matches as $match) {
 			$filename = basename( parse_url($match[2], PHP_URL_PATH) );
diff --git a/version.inc b/version.inc
index fbb404a42..8f0263b11 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2015-10-27.1198
+2015-10-28.1199