From de15123b4eecfb35da832f490abd37196244470d Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sun, 8 Oct 2023 12:47:44 +0200 Subject: [PATCH] Build HTTPS URL using Javascript to ensure we use the exact same URL the user used to get there - do not hard-code pi.hole as hostname Signed-off-by: DL6ER --- login.lp | 11 +---------- scripts/pi-hole/js/login.js | 6 ++++++ 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/login.lp b/login.lp index 8d139a53..8d4b4bda 100644 --- a/login.lp +++ b/login.lp @@ -8,15 +8,6 @@ --]] mg.include('scripts/pi-hole/lua/header.lp','r') - --- Build HTTPS upgrade link if HTTP is used -https_link = "" -if not is_secure then - https_link = "https://pi.hole" .. mg.request_info.request_uri - if mg.request_info.query_string then - https_link = https_link .. "?" .. mg.request_info.query_string - end -end ?>
-

Consider upgrading to HTTPS (end-to-end encryption)

+

Consider upgrading to HTTPS (end-to-end encryption)

diff --git a/scripts/pi-hole/js/login.js b/scripts/pi-hole/js/login.js index cb900c2c..b394dd95 100644 --- a/scripts/pi-hole/js/login.js +++ b/scripts/pi-hole/js/login.js @@ -117,4 +117,10 @@ $(function () { // Clear TOTP field $("#totp").val(""); + + // Generate HTTPS redirection link (only used if not already HTTPS) + if (location.protocol !== "https:") { + const url = "https:" + location.href.substring(location.protocol.length); + $("#https-link").attr("href", url); + } });