Branch: refs/heads/develop
Home: https://github.com/dreamwidth/dw-free
Commit: 1d578e8f178bf05539da42818df5b869a6b0df38
https://github.com/dreamwidth/dw-free/commit/1d578e8f178bf05539da42818df5b869a6b0df38
Author: Mark Smith <mark@dreamwidth.org>
Date: 2019-06-02 (Sun, 02 Jun 2019)
Changed paths:
M bin/worker/paidstatus
M cgi-bin/Apache/LiveJournal.pm
M cgi-bin/DW/Controller/ChangeEmail.pm
M cgi-bin/DW/Controller/Community.pm
M cgi-bin/DW/Controller/Create.pm
M cgi-bin/DW/Controller/Entry.pm
M cgi-bin/DW/Controller/InviteCodes.pm
M cgi-bin/DW/Controller/Journal/Protected.pm
M cgi-bin/DW/Controller/MassPrivacy.pm
M cgi-bin/DW/Controller/Media.pm
M cgi-bin/DW/Controller/OAuth/Admin.pm
M cgi-bin/DW/Controller/OAuth/Protocol.pm
M cgi-bin/DW/Controller/Settings.pm
M cgi-bin/DW/External/User.pm
R cgi-bin/DW/Hooks/SSL.pm
M cgi-bin/DW/Request/Base.pm
M cgi-bin/DW/Routing.pm
M cgi-bin/DW/Routing/CallInfo.pm
M cgi-bin/DW/Routing/Test.pm
M cgi-bin/DW/Shop/Engine/CreditCard.pm
M cgi-bin/DW/Template.pm
M cgi-bin/DW/Template/Plugin/FormHTML.pm
M cgi-bin/LJ/CleanHTML.pm
M cgi-bin/LJ/Global/Defaults.pm
M cgi-bin/LJ/NotificationMethod/Email.pm
M cgi-bin/LJ/PageStats.pm
M cgi-bin/LJ/URI.pm
M cgi-bin/LJ/User/Account.pm
M cgi-bin/LJ/User/Login.pm
M cgi-bin/LJ/Web.pm
M cgi-bin/LJ/Widget/Login.pm
M cgi-bin/lj-bml-blocks.pl
M cgi-bin/ljlib.pl
M etc/config-local.pl
M etc/config-private.pl
M etc/config.pl
M htdocs/admin/impersonate.bml
M htdocs/login.bml
M htdocs/manage/circle/invite.bml
M htdocs/manage/externalaccount.bml
M htdocs/mobile/login.bml
M htdocs/shop/entercc.bml
M htdocs/tools/importer.bml
M t/atom-post.t
M t/config-test.pl
M t/create-url.t
M t/https-url.t
M t/referer.t
R t/routing-ssl.t
M views/journal/controlstrip.tt
M views/login.tt
Log Message:
-----------
Remove SSL shenanigans

This diff removes IS_SSL, USE_SSL, USE_HTTPS_EVERYWHERE,
ALL_TRAFFIC_IS_SSL, SSLROOT, SSL*PREFIX, and a bunch of other machinery
that was responsible for SSL management.

This used to be necessary when we had some parts of the site that were
SSL and some weren't, but that's no longer true. These days, the
expectation is that all web traffic is encrypted and that is true on
Dreamwidth and should be true on our hacks and anybody else using our
code, so we can truly simplify the code.

The recommended way for running DW is behind something like Cloudflare
or AWS CloudFront or another proxy service that provides cheap, fast SSL
at scale. If you happen to be running it yourself, you can do the same
with Nginx, Varnish, or your reverse proxy of choice.