X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/70bc1a2113e74d25f9d70d2e6d809565a3e8df06..3b8da667cc1514a9589190b614307c0a76af532a:/IkiWiki.pm

diff --git a/IkiWiki.pm b/IkiWiki.pm
index 4ad365c1d..570c185ad 100644
--- a/IkiWiki.pm
+++ b/IkiWiki.pm
@@ -14,7 +14,7 @@ use vars qw{%config %links %oldlinks %pagemtime %pagectime %pagecase
 	%pagestate %wikistate %renderedfiles %oldrenderedfiles
 	%pagesources %delpagesources %destsources %depends %depends_simple
 	@mass_depends %hooks %forcerebuild %loaded_plugins %typedlinks
-	%oldtypedlinks %autofiles @underlayfiles $lastrev};
+	%oldtypedlinks %autofiles @underlayfiles $lastrev $phase};
 
 use Exporter q{import};
 our @EXPORT = qw(hook debug error htmlpage template template_depends
@@ -34,6 +34,11 @@ our $DEPEND_CONTENT=1;
 our $DEPEND_PRESENCE=2;
 our $DEPEND_LINKS=4;
 
+# Phases of processing.
+sub PHASE_SCAN () { 0 }
+sub PHASE_RENDER () { 1 }
+$phase = PHASE_SCAN;
+
 # Optimisation.
 use Memoize;
 memoize("abs2rel");
@@ -103,6 +108,14 @@ sub getsetup () {
 		safe => 1,
 		rebuild => 1,
 	},
+	reverse_proxy => {
+		type => "boolean",
+		default => 0,
+		description => "do not adjust cgiurl if CGI is accessed via different URL",
+		advanced => 0,
+		safe => 1,
+		rebuild => 0, # only affects CGI requests
+	},
 	cgi_wrapper => {
 		type => "string",
 		default => '',
@@ -152,7 +165,8 @@ sub getsetup () {
 		type => "internal",
 		default => [qw{mdwn link inline meta htmlscrubber passwordauth
 				openid signinedit lockedit conditional
-				recentchanges parentlinks editpage}],
+				recentchanges parentlinks editpage
+				templatebody}],
 		description => "plugins to enable by default",
 		safe => 0,
 		rebuild => 1,
@@ -607,12 +621,39 @@ sub checkconfig () {
 
 			$local_cgiurl = $cgiurl->path;
 
-			if ($cgiurl->scheme ne $baseurl->scheme or
-				$cgiurl->authority ne $baseurl->authority) {
+			if ($cgiurl->scheme eq 'https' &&
+				$baseurl->scheme eq 'http') {
+				# We assume that the same content is available
+				# over both http and https, because if it
+				# wasn't, accessing the static content
+				# from the CGI would be mixed-content,
+				# which would be a security flaw.
+
+				if ($cgiurl->authority ne $baseurl->authority) {
+					# use protocol-relative URL for
+					# static content
+					$local_url = "$config{url}/";
+					$local_url =~ s{^http://}{//};
+				}
+				# else use host-relative URL for static content
+
+				# either way, CGI needs to be absolute
+				$local_cgiurl = $config{cgiurl};
+			}
+			elsif ($cgiurl->scheme ne $baseurl->scheme) {
 				# too far apart, fall back to absolute URLs
 				$local_url = "$config{url}/";
 				$local_cgiurl = $config{cgiurl};
 			}
+			elsif ($cgiurl->authority ne $baseurl->authority) {
+				# slightly too far apart, fall back to
+				# protocol-relative URLs
+				$local_url = "$config{url}/";
+				$local_url =~ s{^https?://}{//};
+				$local_cgiurl = $config{cgiurl};
+				$local_cgiurl =~ s{^https?://}{//};
+			}
+			# else keep host-relative URLs
 		}
 
 		$local_url =~ s{//$}{/};
@@ -2022,11 +2063,19 @@ sub template_depends ($$;@) {
 	if (defined $page && defined $tpage) {
 		add_depends($page, $tpage);
 	}
-	
+
 	my @opts=(
 		filter => sub {
 			my $text_ref = shift;
 			${$text_ref} = decode_utf8(${$text_ref});
+			run_hooks(readtemplate => sub {
+				${$text_ref} = shift->(
+					id => $name,
+					page => $tpage,
+					content => ${$text_ref},
+					untrusted => $untrusted,
+				);
+			});
 		},
 		loop_context_vars => 1,
 		die_on_bad_params => 0,