Merge pull request #1 from metodika/Allow-only-https-connection

RobinBorak · RobinBorak · commit 0512ebc1e572 · 2015-09-02T16:34:26.000+02:00
Allow only https connection
diff --git a/validatehttps.js b/validatehttps.js
@@ -15,6 +15,7 @@ example for configuration:
   <script type="text/javascript">
   var validateHttpsUrl = "<?=$httpsUrl?>";
   var validateHttps = "<?=$validateHttps?>";
+  var allowOnlyHttps = '<?=$account_settings->ONLY_HTTPS_CONNECTION?>';  
   </script>
   <script type="text/javascript" src="validatehttps.js"></script>
 
@@ -23,12 +24,14 @@ example for configuration:
   <script type="text/javascript" src="validatehttps.js"></script>
 
 */
-
+ 
 var dynamicUrl = (typeof validateHttpsUrl == 'undefined' || validateHttpsUrl === "") ? 'https://www.metodika.com/valid.php' : validateHttpsUrl;
 var runValidation = (typeof validateHttps == 'undefined' || validateHttps === "") ? '1' : validateHttps;
+var allowOnlyHttps = (typeof allowOnlyHttps == 'undefined' || allowOnlyHttps === "") ? '0' : allowOnlyHttps;
+var warningText = (typeof warningText == 'undefined' || warningText === "") ? "Unsecure SSL connection. Please update your browser.  " : warningText + "  ";
+var moreInfo = (typeof moreInfo == 'undefined' || moreInfo === "") ? "More info" : moreInfo;
 
-
-function loadJSON(callback) {
+function loadJSON(callback) { 
   var xobj = new XMLHttpRequest();
   xobj.overrideMimeType("application/json");
 
@@ -59,13 +62,13 @@ xobj.send(null);
 }
 
 
-			var warningText = "Unsecure SSL connection. Please update your browser.  ";
 
 
-            var validateWarning = '<div id="validateWrapper">';
 
+            var validateWarning = '<div id="validateWrapper">';
 
-            validateWarning += '<p>'+warningText+'<a href="http://www.macworld.com/article/2099987/what-you-need-to-know-about-apples-ssl-bug.html" target="_blank">More info</a></p>';
+ 
+            validateWarning += '<p>'+warningText+'<a href="http://www.macworld.com/article/2099987/what-you-need-to-know-about-apples-ssl-bug.html" target="_blank">'+moreInfo+'</a></p>';
 
 
             validateWarning += '</div>';  //validateWrapper
@@ -76,7 +79,7 @@ xobj.send(null);
             document.getElementById('validateWrapper').style.width = "100%";
             document.getElementById('validateWrapper').style.position = "absolute";
             document.getElementById('validateWrapper').style.top = "0";
-            document.getElementById('validateWrapper').style.paddingTop = "10px";
+            document.getElementById('validateWrapper').style.paddingTop = "10px";            
             document.getElementById('validateWrapper').style.textAlign = "center";
             document.getElementById('validateWrapper').style.backgroundColor = "rgb(236,236,236)";
 
@@ -86,6 +89,60 @@ xobj.send(null);
 
 
 
+
+				
+			var httpWarning = '<div id="httpBlock">';
+				httpWarning += '<div>';
+				httpWarning += '<p>'+warningText+'<a href="http://www.macworld.com/article/2099987/what-you-need-to-know-about-apples-ssl-bug.html" target="_blank">'+moreInfo+'</a></p>';
+				httpWarning += '</div>';
+	
+				httpWarning += '</div>';
+				document.body.innerHTML += httpWarning; 
+
+				document.getElementById('httpBlock').style.visibility = 'hidden'; 
+				document.getElementById('httpBlock').style.position = 'fixed'; 
+				document.getElementById('httpBlock').style.left = '0px';
+				document.getElementById('httpBlock').style.top = '0';
+				document.getElementById('httpBlock').style.width = '100%';
+				document.getElementById('httpBlock').style.height = '100%';
+				document.getElementById('httpBlock').style.textAlign = 'center';
+				document.getElementById('httpBlock').style.zIndex = '99999';
+				document.getElementById('httpBlock').style.backgroundColor = 'rgba(0, 0, 0, 0.75)';
+
+				document.getElementById('httpBlock').childNodes[0].style.border = '1px solid #999';
+				document.getElementById('httpBlock').childNodes[0].style.border = '1px solid rgba(0,0,0,0.3)';
+				document.getElementById('httpBlock').childNodes[0].style.webkitBorderRadius = '6px';
+				document.getElementById('httpBlock').childNodes[0].style.mozBorderRadius = '6px';
+				document.getElementById('httpBlock').childNodes[0].style.borderRadius = '6px';
+				document.getElementById('httpBlock').childNodes[0].style.outline = 0;
+				document.getElementById('httpBlock').childNodes[0].style.webkitBoxShadow = '0 3px 7px rgba(0,0,0,0.3)';
+				document.getElementById('httpBlock').childNodes[0].style.mozBoxShadow = '0 3px 7px rgba(0,0,0,0.3)';
+				document.getElementById('httpBlock').childNodes[0].style.boxShadow = '0 3px 7px rgba(0,0,0,0.3)';
+				document.getElementById('httpBlock').childNodes[0].style.webkitBackgroundClip = 'padding-box';
+				document.getElementById('httpBlock').childNodes[0].style.mozBackgroundClip = 'padding-box';
+				document.getElementById('httpBlock').childNodes[0].style.backgroundClip = 'padding-box';
+ 
+
+				document.getElementById('httpBlock').childNodes[0].style.position = 'fixed';
+				document.getElementById('httpBlock').childNodes[0].style.backgroundColor = '#fff';
+				document.getElementById('httpBlock').childNodes[0].style.border = '1px solid #000';
+				document.getElementById('httpBlock').childNodes[0].style.padding = '15px';
+				document.getElementById('httpBlock').childNodes[0].style.textAlign = 'center';
+				document.getElementById('httpBlock').childNodes[0].style.top = '10%';
+
+					//Small screen
+				var w = Math.max(document.documentElement.clientWidth, window.innerWidth || 0);
+				if(w>767){
+					document.getElementById('httpBlock').childNodes[0].style.width = '560px';
+					document.getElementById('httpBlock').childNodes[0].style.left = '50%';
+					document.getElementById('httpBlock').childNodes[0].style.marginLeft = '-280px'; 	
+				}else{
+					document.getElementById('httpBlock').childNodes[0].style.width = 'auto'; 
+				}
+
+
+     
+
 var fullUrl = window.location.href;
 var http = fullUrl.split('://');
 
@@ -107,9 +164,30 @@ var http = fullUrl.split('//');
 
      //Warning box at the top
 
+			if(allowOnlyHttps == 1){
+		
+				document.getElementById('httpBlock').style.visibility = 'visible';
+
+
+				//Prevent DOM manipulation
+				var MutationObserver = window.MutationObserver || window.WebKitMutationObserver || window.MozMutationObserver;
+				var target = document.querySelector('#httpBlock');
+				var targetChild = document.querySelector('#httpBlock').childNodes[0];
+
+					var observer = new MutationObserver(function(mutations) {
+					  mutations.forEach(function(mutation) {
+						location.reload();
+					  });    
+					});
 
-            document.getElementById('validateWrapper').style.display = "block";
+				var config = { attributes: true, childList: true, characterData: true, attributeOldValue: true }
 
+				observer.observe(target, config);
+				observer.observe(targetChild, config);
+				
+			}else{
+            	document.getElementById('validateWrapper').style.display = "block";
+			}
 
 
       //console.log("Not safe");
