Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
U
uw_security
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Labels
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
WCMS
uw_security
Commits
82296817
Commit
82296817
authored
Jan 31, 2012
by
lkmorlan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Redirect all pages containing a form to HTTPS.
parent
aade9177
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
24 additions
and
0 deletions
+24
-0
uw_security.info
uw_security.info
+4
-0
uw_security.module
uw_security.module
+20
-0
No files found.
uw_security.info
0 → 100644
View file @
82296817
name
=
uWaterloo
security
description
=
Provides
security
features
.
core
=
7.
x
package
=
uWaterloo
Core
uw_security.module
0 → 100644
View file @
82296817
<?php
/**
* Implements hook_form_alter().
*
* Redirect all pages containing a form to HTTPS.
* Code based on securelogin module.
*/
function
uw_security_form_alter
(
&
$form
,
&
$form_state
,
$form_id
)
{
global
$is_https
;
// Flag form as secure for theming purposes.
$form
[
'#https'
]
=
TRUE
;
// POST requests are not redirected, to prevent unintentional redirects which result in lost POST data.
if
(
!
$is_https
&&
$_SERVER
[
'REQUEST_METHOD'
]
!==
'POST'
)
{
// Ignore the destination for this redirect (it was preserved in the query).
unset
(
$_GET
[
'destination'
]);
// Can't use https option to url() because we are not setting the https global variable (which is bad for security).
drupal_goto
(
preg_replace
(
'/^http:/'
,
'https:'
,
url
(
$_GET
[
'q'
],
array
(
'query'
=>
drupal_get_query_parameters
(),
'absolute'
=>
TRUE
))),
array
(),
301
);
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment