summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPetr Vobornik <pvoborni@redhat.com>2013-06-24 17:44:15 +0200
committerMartin Kosek <mkosek@redhat.com>2013-06-26 15:02:13 +0200
commit093fa2daa03c8071ec65442c926c23ec34ae7184 (patch)
tree1b38c6a9b1aaf32ab076e97b3f1086d0c28d2f52
parent77ae4da70632e17b6be09e9ad71fc353b3bad96e (diff)
downloadfreeipa-093fa2daa03c8071ec65442c926c23ec34ae7184.zip
freeipa-093fa2daa03c8071ec65442c926c23ec34ae7184.tar.gz
freeipa-093fa2daa03c8071ec65442c926c23ec34ae7184.tar.xz
Do not redirect to https in /ipa/ui on non-HTML files
Those resources are needed by page which has to use http(browser config) prior to acceptance of CA cert. https://fedorahosted.org/freeipa/ticket/3748
-rw-r--r--install/conf/ipa-rewrite.conf3
1 files changed, 2 insertions, 1 deletions
diff --git a/install/conf/ipa-rewrite.conf b/install/conf/ipa-rewrite.conf
index 552682b..37661b8 100644
--- a/install/conf/ipa-rewrite.conf
+++ b/install/conf/ipa-rewrite.conf
@@ -1,4 +1,4 @@
-# VERSION 5 - DO NOT REMOVE THIS LINE
+# VERSION 6 - DO NOT REMOVE THIS LINE
RewriteEngine on
@@ -15,6 +15,7 @@ RewriteRule ^/ipa/(.*) http://$FQDN/ipa/$$1 [L,R=301]
# configuration.
RewriteCond %{SERVER_PORT} !^443$$
RewriteCond %{REQUEST_URI} !^/ipa/(errors|config|crl)
+RewriteCond %{REQUEST_URI} !^/ipa/[^\?]+(\.js|\.css|\.png|\.gif|\.ico|\.woff|\.svg|\.ttf|\.eot)$$
RewriteRule ^/ipa/(.*) https://$FQDN/ipa/$$1 [L,R=301,NC]
# Rewrite for plugin index, make it like it's a static file