From 20997619b353faa94591800fbfc02bc19a4cdce3 Mon Sep 17 00:00:00 2001
From: Craig Andrews <candrews@integralblue.com>
Date: Sun, 13 Sep 2009 01:24:57 -0400
Subject: When viewing a page in https, all links to non-actions (links to CSS,
 JS, etc) should be https. Fixes the mixed content warnings that browsers
 display.

Fixes http://status.net/trac/ticket/1552
---
 lib/util.php | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/util.php b/lib/util.php
index b831859e9..5b57b79b5 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -750,8 +750,18 @@ function common_local_url($action, $args=null, $params=null, $fragment=null)
     return $url;
 }
 
-function common_path($relative, $ssl=false)
+function common_path($relative, $ssl=null)
 {
+    if($ssl==null) {
+        //ssl was not specifically requested
+        if( $_SERVER['HTTPS'] && $_SERVER['HTTPS']!="off" ) {
+            //currently in https, so stay in https
+            $ssl=true;
+        } else {
+            //not in https, so stay not in https
+            $ssl=false;
+        }
+    }
     $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : '';
 
     if (($ssl && (common_config('site', 'ssl') === 'sometimes'))
-- 
cgit v1.2.3-54-g00ecf