From f0a62d8908cef31982c1c2b24fc9dbc8b59b8bdb Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Wed, 14 Mar 2012 20:36:23 -0700
Subject: ssl_policy stuff

---
 boot.php | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

(limited to 'boot.php')

diff --git a/boot.php b/boot.php
index ba731ddee..22a4e39be 100755
--- a/boot.php
+++ b/boot.php
@@ -379,11 +379,22 @@ class App {
 
 		$scheme = $this->scheme;
 
-		if(x($this->config,'ssl_policy')) {
-			if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL)) 
-				$scheme = 'https';
-			if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params')))
+		if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) {
+			if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL) 
 				$scheme = 'https';
+
+//			We need to populate the $ssl flag across the entire program before turning this on.
+//			Basically, we'll have $ssl = true on any links which can only be seen by a logged in user
+//			(and also the login link). Anything seen by an outsider will have it turned off.
+//			At present, setting SSL_POLICY_SELFSIGN will only force remote contacts to update their 
+//			contact links to this site with "http:" if they are currently using "https:"
+
+//			if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) {
+//				if($ssl)
+//					$scheme = 'https';
+//				else
+//					$scheme = 'http';
+//			}
 		}
 
 		$this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' );
-- 
cgit v1.2.3