]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki.pm
We no longer have a test for DTD-valid XHTML 1.0, but at least check well-formedness
[git.ikiwiki.info.git] / IkiWiki.pm
index d5d11ee857c02b1520fc6a971032cc592df78d23..dfe89ad32a30adf6b681d77bea12dc7e7e64539b 100644 (file)
@@ -108,6 +108,14 @@ sub getsetup () {
                safe => 1,
                rebuild => 1,
        },
+       reverse_proxy => {
+               type => "boolean",
+               default => 0,
+               description => "do not adjust cgiurl if CGI is accessed via different URL",
+               advanced => 0,
+               safe => 1,
+               rebuild => 0, # only affects CGI requests
+       },
        cgi_wrapper => {
                type => "string",
                default => '',
@@ -266,7 +274,7 @@ sub getsetup () {
        html5 => {
                type => "boolean",
                default => 0,
-               description => "generate HTML5?",
+               description => "use elements new in HTML5 like <section>?",
                advanced => 0,
                safe => 1,
                rebuild => 1,
@@ -535,7 +543,7 @@ sub getsetup () {
        },
        useragent => {
                type => "string",
-               default => undef,
+               default => "ikiwiki/$version",
                example => "Wget/1.13.4 (linux-gnu)",
                description => "set custom user agent string for outbound HTTP requests e.g. when fetching aggregated RSS feeds",
                safe => 0,
@@ -613,12 +621,39 @@ sub checkconfig () {
 
                        $local_cgiurl = $cgiurl->path;
 
-                       if ($cgiurl->scheme ne $baseurl->scheme or
-                               $cgiurl->authority ne $baseurl->authority) {
+                       if ($cgiurl->scheme eq 'https' &&
+                               $baseurl->scheme eq 'http') {
+                               # We assume that the same content is available
+                               # over both http and https, because if it
+                               # wasn't, accessing the static content
+                               # from the CGI would be mixed-content,
+                               # which would be a security flaw.
+
+                               if ($cgiurl->authority ne $baseurl->authority) {
+                                       # use protocol-relative URL for
+                                       # static content
+                                       $local_url = "$config{url}/";
+                                       $local_url =~ s{^http://}{//};
+                               }
+                               # else use host-relative URL for static content
+
+                               # either way, CGI needs to be absolute
+                               $local_cgiurl = $config{cgiurl};
+                       }
+                       elsif ($cgiurl->scheme ne $baseurl->scheme) {
                                # too far apart, fall back to absolute URLs
                                $local_url = "$config{url}/";
                                $local_cgiurl = $config{cgiurl};
                        }
+                       elsif ($cgiurl->authority ne $baseurl->authority) {
+                               # slightly too far apart, fall back to
+                               # protocol-relative URLs
+                               $local_url = "$config{url}/";
+                               $local_url =~ s{^https?://}{//};
+                               $local_cgiurl = $config{cgiurl};
+                               $local_cgiurl =~ s{^https?://}{//};
+                       }
+                       # else keep host-relative URLs
                }
 
                $local_url =~ s{//$}{/};