Fossil SCM
Improvements to the redirect-to-https documentation.
Commit
27891979e10f9ee9d84fe5f22698c3b86aa1fd9c0f383be920e0e278f814c667
Parent
b087b03a7ed6cab…
1 file changed
+6
-2
M
src/db.c
+6
-2
| --- src/db.c | ||
| +++ src/db.c | ||
| @@ -4842,14 +4842,18 @@ | ||
| 4842 | 4842 | ** environment variable is consulted. If "off", a direct HTTP connection is |
| 4843 | 4843 | ** used. |
| 4844 | 4844 | */ |
| 4845 | 4845 | /* |
| 4846 | 4846 | ** SETTING: redirect-to-https default=0 width=2 |
| 4847 | -** Specifies whether or not to redirect http:// requests to | |
| 4848 | -** https:// URIs. A value of 0 (the default) means not to | |
| 4847 | +** Specifies whether or not to redirect unencrypted "http://" requests to | |
| 4848 | +** encrypted "https://" URIs. A value of 0 (the default) means do not | |
| 4849 | 4849 | ** redirect, 1 means to redirect only the /login page, and 2 |
| 4850 | 4850 | ** means to always redirect. |
| 4851 | +** | |
| 4852 | +** For security, a value of 2 is recommended. The default value is 0 | |
| 4853 | +** because not all sites are TLS-capable. But you should definitely enable | |
| 4854 | +** TLS and change this setting to 2 for all public-facing repositories. | |
| 4851 | 4855 | */ |
| 4852 | 4856 | /* |
| 4853 | 4857 | ** SETTING: relative-paths boolean default=on |
| 4854 | 4858 | ** When showing changes and extras, report paths relative |
| 4855 | 4859 | ** to the current working directory. |
| 4856 | 4860 |
| --- src/db.c | |
| +++ src/db.c | |
| @@ -4842,14 +4842,18 @@ | |
| 4842 | ** environment variable is consulted. If "off", a direct HTTP connection is |
| 4843 | ** used. |
| 4844 | */ |
| 4845 | /* |
| 4846 | ** SETTING: redirect-to-https default=0 width=2 |
| 4847 | ** Specifies whether or not to redirect http:// requests to |
| 4848 | ** https:// URIs. A value of 0 (the default) means not to |
| 4849 | ** redirect, 1 means to redirect only the /login page, and 2 |
| 4850 | ** means to always redirect. |
| 4851 | */ |
| 4852 | /* |
| 4853 | ** SETTING: relative-paths boolean default=on |
| 4854 | ** When showing changes and extras, report paths relative |
| 4855 | ** to the current working directory. |
| 4856 |
| --- src/db.c | |
| +++ src/db.c | |
| @@ -4842,14 +4842,18 @@ | |
| 4842 | ** environment variable is consulted. If "off", a direct HTTP connection is |
| 4843 | ** used. |
| 4844 | */ |
| 4845 | /* |
| 4846 | ** SETTING: redirect-to-https default=0 width=2 |
| 4847 | ** Specifies whether or not to redirect unencrypted "http://" requests to |
| 4848 | ** encrypted "https://" URIs. A value of 0 (the default) means do not |
| 4849 | ** redirect, 1 means to redirect only the /login page, and 2 |
| 4850 | ** means to always redirect. |
| 4851 | ** |
| 4852 | ** For security, a value of 2 is recommended. The default value is 0 |
| 4853 | ** because not all sites are TLS-capable. But you should definitely enable |
| 4854 | ** TLS and change this setting to 2 for all public-facing repositories. |
| 4855 | */ |
| 4856 | /* |
| 4857 | ** SETTING: relative-paths boolean default=on |
| 4858 | ** When showing changes and extras, report paths relative |
| 4859 | ** to the current working directory. |
| 4860 |