Allow to configure https-inspection and ignore-certificate-errors with the CGI editor
authorFabian Keil <fk@fabiankeil.de>
Mon, 2 Mar 2020 11:15:05 +0000 (12:15 +0100)
committerFabian Keil <fk@fabiankeil.de>
Wed, 13 May 2020 09:20:35 +0000 (11:20 +0200)
Sponsored by: Robert Klemme

cgiedit.c
templates/edit-actions-for-url

index 830a826..440e9be 100644 (file)
--- a/cgiedit.c
+++ b/cgiedit.c
@@ -2782,6 +2782,9 @@ jb_err cgi_edit_actions_for_url(struct client_state *csp,
 #ifndef FEATURE_EXTERNAL_FILTERS
    if (!err) err = map_block_killer(exports, "external-content-filters");
 #endif
+#ifndef FEATURE_HTTP_INSPECTION
+   if (!err) err = map_block_killer(exports, "https-inspection");
+#endif
 
    if (err)
    {
index 5a10639..7283bf7 100644 (file)
@@ -957,6 +957,42 @@ function show_limit_connect_opts(tf)
         <input type="text" name="hide_user_agent_mode" size="40"
         value="@hide-user-agent-param@"></td>
     </tr>
+
+<!-- @if-https-inspection-start -->
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="Y" @https-inspection-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="N" @https-inspection-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="https_inspection" value="X" @https-inspection-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix@HTTPS-INSPECTION">https-inspection</a></td>
+      <td>
+       Enable content and header filtering for https requests.
+     </td>
+    </tr>
+
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="Y" @ignore-certificate-errors-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="N" @ignore-certificate-errors-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="ignore_certificate_errors" value="X" @ignore-certificate-errors-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix@IGNORE-CERTIFICATE-ERRORS">ignore-certificate-errors</a></td>
+      <td>
+       Don't verify certificates when forwarding encrypted requests.
+     </td>
+    </tr>
+
+<!-- if-https-inspection-end@ -->
+
     <tr class="bg1" align="left" valign="top">
       <td class="en1" align="center" valign="middle"><input type="radio"
         name="limit_connect" id="limit_connect_y" value="Y" @limit-connect-y@