Browse files

MDL-12561: Regression fix: banish insecure items warning in IE7 in HT…

…TPS sites.

blank.html now loaded with a https: URL in sites/pages using SSL.


Author: Jonathan Harker <jonathan@catalyst.net.nz>
  • Loading branch information...
1 parent f9fad87 commit b5ebbaa5bf594e58ba80045e34fc942a0df02b32 jonathanharker committed Jun 9, 2009
View
8 lib/editor/htmlarea/coursefiles.php
@@ -25,7 +25,6 @@
$text = optional_param('text', '', PARAM_RAW);
$confirm = optional_param('confirm', 0, PARAM_BOOL);
-
if (! $course = get_record("course", "id", $id) ) {
error("That's an invalid course id");
}
@@ -40,6 +39,11 @@ function html_footer() {
function html_header($course, $wdir, $formfield=""){
global $CFG;
+ if (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] != 'off') {
+ $url = preg_replace('|https?://[^/]+|', '', $CFG->wwwroot).'/lib/editor/htmlarea/';
+ } else {
+ $url = $CFG->wwwroot.'/lib/editor/htmlarea/';
+ }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
@@ -142,7 +146,7 @@ function reset_value() {
var prev = window.parent.ipreview;
if(prev != null) {
- prev.location.replace('<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html');
+ prev.location.replace('<?php echo $url ?>blank.html');
}
var uploader = window.parent.document.forms['uploader'];
if(uploader != null) {
View
6 lib/editor/htmlarea/htmlarea.php
@@ -29,9 +29,7 @@
$lang = "en";
}
- if ($httpsrequired) {
- // this is an ugly hack to allow partial operation of editor on pages that require https when loginhttps enabled
- // please note that some popups still show nonsecurre items and fullscreen may not function properly in IE
+ if ($httpsrequired or (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] != 'off')) {
$url = preg_replace('|https?://[^/]+|', '', $CFG->wwwroot).'/lib/editor/htmlarea/';
} else {
$url = $CFG->wwwroot.'/lib/editor/htmlarea/';
@@ -721,7 +719,7 @@ function createButton(txt) {
// create the IFRAME
var iframe = document.createElement("iframe");
- iframe.src = "<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html";
+ iframe.src = "<?php echo $url ?>blank.html";
iframe.className = "iframe";
View
12 lib/editor/htmlarea/popups/insert_image.php
@@ -11,6 +11,12 @@
$upload_max_filesize = get_max_upload_file_size($CFG->maxbytes);
+ if ($httpsrequired or (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] != 'off')) {
+ $url = preg_replace('|https?://[^/]+|', '', $CFG->wwwroot).'/lib/editor/htmlarea/';
+ } else {
+ $url = $CFG->wwwroot.'/lib/editor/htmlarea/';
+ }
+
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -90,9 +96,9 @@ function onPreview() {
img.src = url;
var win = null;
if (!document.all) {
- win = window.open("<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html", "ha_imgpreview", "toolbar=no,menubar=no,personalbar=no,innerWidth=100,innerHeight=100,scrollbars=no,resizable=yes");
+ win = window.open("<?php echo $url ?>blank.html", "ha_imgpreview", "toolbar=no,menubar=no,personalbar=no,innerWidth=100,innerHeight=100,scrollbars=no,resizable=yes");
} else {
- win = window.open("<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html", "ha_imgpreview", "channelmode=no,directories=no,height=100,width=100,location=no,menubar=no,resizable=yes,scrollbars=no,toolbar=no");
+ win = window.open("<?php echo $url ?>blank.html", "ha_imgpreview", "channelmode=no,directories=no,height=100,width=100,location=no,menubar=no,resizable=yes,scrollbars=no,toolbar=no");
}
preview_window = win;
var doc = win.document;
@@ -269,7 +275,7 @@ function submit_form(dothis) {
?>
</td>
<td width="45%" valign="top"><?php print_string("preview","editor");?>:<br />
- <iframe id="ipreview" name="ipreview" src="<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html" style="width: 100%; height: 200px;"></iframe>
+ <iframe id="ipreview" name="ipreview" src="<?php echo $url ?>blank.html" style="width: 100%; height: 200px;"></iframe>
</td>
</tr>
</table>
View
11 lib/editor/htmlarea/popups/insert_image_std.php
@@ -5,6 +5,13 @@
require_course_login($id);
@header('Content-Type: text/html; charset=utf-8');
+
+ if ($httpsrequired or (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] != 'off')) {
+ $url = preg_replace('|https?://[^/]+|', '', $CFG->wwwroot).'/lib/editor/htmlarea/';
+ } else {
+ $url = $CFG->wwwroot.'/lib/editor/htmlarea/';
+ }
+
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
@@ -82,9 +89,9 @@ function onPreview() {
img.src = url;
var win = null;
if (!document.all) {
- win = window.open("<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html", "ha_imgpreview", "toolbar=no,menubar=no,personalbar=no,innerWidth=100,innerHeight=100,scrollbars=no,resizable=yes");
+ win = window.open("<?php echo $url ?>blank.html", "ha_imgpreview", "toolbar=no,menubar=no,personalbar=no,innerWidth=100,innerHeight=100,scrollbars=no,resizable=yes");
} else {
- win = window.open("<?php echo $CFG->wwwroot ?>/lib/editor/htmlarea/blank.html", "ha_imgpreview", "channelmode=no,directories=no,height=100,width=100,location=no,menubar=no,resizable=yes,scrollbars=no,toolbar=no");
+ win = window.open("<?php echo $url ?>blank.html", "ha_imgpreview", "channelmode=no,directories=no,height=100,width=100,location=no,menubar=no,resizable=yes,scrollbars=no,toolbar=no");
}
preview_window = win;
var doc = win.document;

0 comments on commit b5ebbaa

Please sign in to comment.