Skip to content
This repository has been archived by the owner on Apr 22, 2021. It is now read-only.

Don't add SSL when accessing via a Tor domain name #31

Closed
TheFiZi opened this issue Nov 11, 2018 · 9 comments
Closed

Don't add SSL when accessing via a Tor domain name #31

TheFiZi opened this issue Nov 11, 2018 · 9 comments
Assignees
@straube
Labels
enhancement
Milestone
1.0

Comments

@TheFiZi
Copy link

TheFiZi commented Nov 11, 2018

I'm using this plugin to get my blog working as a Tor hidden service. My site is available via it's normal URL and a tor service URL.

The base domain is: https://www.pickysysadmin.ca/ and Wordpress enforces SSL

This is my configuration for the plugin:

image

When I go to http://27i7rsfkhoanzabw.onion/ the initial page load is fine. When I click on any internal links to the site the URL is re-written to https://27i7rsfkhoanzabw.onion/ which doesn't work in Tor land.

A potential solution to this would be to have the plugin always drop/not add SSL on domains that end in .onion when re-writing the URLs.
@TheFiZi TheFiZi mentioned this issue Nov 11, 2018
Closed
@straube
Copy link
Owner

straube commented Nov 13, 2018

@TheFiZi I'm wondering if it makes sense to have this exception hard-coded.

I may add a new option for when adding a domain:

[ Name ][ Protocol (Auto, Force HTTP, or Force HTTPS) ][ Base path ][ Locale ]

I think that makes more sense and covers more cases where users want to force a given protocol. What do you think?

In any way, I only will have time to work on this change in 2-3 weeks.

@straube straube added this to the 1.0 milestone Nov 13, 2018
@TheFiZi
Copy link
Author

TheFiZi commented Nov 17, 2018

@straube That sounds like a good way to handle it to me.

@straube straube self-assigned this Dec 20, 2018
@straube
Copy link
Owner

straube commented Dec 20, 2018

I started working on this. I had a discussion with our UX designer and we'll improve the usability of the plugin configuration section.

@straube straube mentioned this issue Feb 14, 2019
Closed
@straube straube closed this as completed in 1eec789 Mar 8, 2019
@straube
Copy link
Owner

straube commented Mar 8, 2019

@TheFiZi I added the protocol option to domain settings. Please update the plugin in your WP installation to 0.10.0 and set the protocol option for 27i7rsfkhoanzabw.onion to http://. Let me know if that fixes the issue.

@TheFiZi
Copy link
Author

TheFiZi commented Mar 8, 2019

Hmmm. I don't think it's re-writing the URLs at all now.

image

@straube
Copy link
Owner

straube commented Mar 9, 2019 via email

@TheFiZi
Copy link
Author

TheFiZi commented Mar 11, 2019

Here you go:

image

@straube
Copy link
Owner

straube commented Mar 11, 2019

I just pushed an update (0.10.2) to fix that. Until 0.9.x, you were not required to include the original domain where you installed WordPress into the plugin settings. However, in 0.10.0 this is mandatory. That requirement broke some installations. I added a fallback to the plugin always load the original domain. Which is www.pickysysadmin.ca in your case, right?

Please keep me posted about any remaining issues.

@TheFiZi
Copy link
Author

TheFiZi commented Mar 11, 2019

Looks like that patch did the trick and got us 98% there.

Post patch:
image

After loading up the site in Tor:
image

Looks like only two images aren't having their URLs re-written. Those two images are linked inside a Widget block:
image

That link to the "tip jar" is also not being re-written (pictured above): <p><a title="More ways to tip with crypto" href="https://www.pickysysadmin.ca/the-tip-jar">More ways to tip with crypto</a></p>

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@straube straube

Labels
enhancement
Projects
None yet
Milestone
1.0
Development

No branches or pull requests
2 participants
@straube @TheFiZi