From df17ed9c252e355c27977d0aa141cc60a4ac22a7 Mon Sep 17 00:00:00 2001
From: Fabian Keil <fk@fabiankeil.de>
Date: Mon, 2 Mar 2020 12:15:05 +0100
Subject: [PATCH] Allow to configure https-inspection and
 ignore-certificate-errors with the CGI editor

Sponsored by: Robert Klemme
---
 cgiedit.c                      |  3 +++
 templates/edit-actions-for-url | 36 ++++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+)

diff --git a/cgiedit.c b/cgiedit.c
index 830a8266..440e9be8 100644
--- a/cgiedit.c
+++ b/cgiedit.c
@@ -2782,6 +2782,9 @@ jb_err cgi_edit_actions_for_url(struct client_state *csp,
 #ifndef FEATURE_EXTERNAL_FILTERS
    if (!err) err = map_block_killer(exports, "external-content-filters");
 #endif
+#ifndef FEATURE_HTTP_INSPECTION
+   if (!err) err = map_block_killer(exports, "https-inspection");
+#endif
 
    if (err)
    {
diff --git a/templates/edit-actions-for-url b/templates/edit-actions-for-url
index 5a106390..7283bf79 100644
--- a/templates/edit-actions-for-url
+++ b/templates/edit-actions-for-url
@@ -957,6 +957,42 @@ function show_limit_connect_opts(tf)
         <input type="text" name="hide_user_agent_mode" size="40"
         value="@hide-user-agent-param@"></td>
     </tr>
+
+<!-- @if-https-inspection-start -->
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="Y" @https-inspection-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="N" @https-inspection-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="X" @https-inspection-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix@HTTPS-INSPECTION">https-inspection</a></td>
+      <td>
+       Enable content and header filtering for https requests.
+     </td>
+    </tr>
+
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="Y" @ignore-certificate-errors-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="N" @ignore-certificate-errors-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="X" @ignore-certificate-errors-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix@IGNORE-CERTIFICATE-ERRORS">ignore-certificate-errors</a></td>
+      <td>
+       Don't verify certificates when forwarding encrypted requests.
+     </td>
+    </tr>
+
+<!-- if-https-inspection-end@ -->
+
     <tr class="bg1" align="left" valign="top">
       <td class="en1" align="center" valign="middle"><input type="radio"
         name="limit_connect" id="limit_connect_y" value="Y" @limit-connect-y@
-- 
2.39.2