From 263dc79090b8bf92bbe521f2780110cec0524f82 Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Mon, 13 Sep 2021 01:10:36 +0900
Subject: [PATCH] Use https in AJAX URL if site is accessed over https
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

https를 사용하지 않는 것으로 설정되어 있더라도 실제로 https로 접속했다면
https를 사용하는 것으로 간주하고, AJAX URL을 https로 생성하도록 합니다.

기대되는 효과:

1. 설정이 잘못되어서 로그인이 되지 않거나 AJAX 요청에 실패할 가능성 제거
2. https 접속이 가능한 사이트라면 최대한 https를 사용하도록 유도
---
 classes/context/Context.class.php | 6 +++---
 common/tpl/common_layout.html     | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php
index 96e439422..52958270b 100644
--- a/classes/context/Context.class.php
+++ b/classes/context/Context.class.php
@@ -261,7 +261,7 @@ class Context
 			$site_module_info = ModuleModel::getDefaultMid() ?: new stdClass;
 			self::set('site_module_info', $site_module_info);
 			self::set('_default_timezone', ($site_module_info->settings && $site_module_info->settings->timezone) ? $site_module_info->settings->timezone : null);
-			self::set('_default_url', self::$_instance->db_info->default_url = self::getDefaultUrl($site_module_info));
+			self::set('_default_url', self::$_instance->db_info->default_url = self::getDefaultUrl($site_module_info, RX_SSL));
 			self::set('_http_port', self::$_instance->db_info->http_port = $site_module_info->http_port ?: null);
 			self::set('_https_port', self::$_instance->db_info->https_port = $site_module_info->https_port ?: null);
 			self::set('_use_ssl', self::$_instance->db_info->use_ssl = ($site_module_info->security === 'none' ? 'none' : 'always'));
@@ -1824,9 +1824,9 @@ class Context
 			$site_module_info = $domain_infos[$domain] ?: $site_module_info;
 		}
 		
-		$prefix = ($use_ssl && $site_module_info->security !== 'none') ? 'https://' : 'http://';
+		$prefix = ($use_ssl || $site_module_info->security !== 'none') ? 'https://' : 'http://';
 		$hostname = $site_module_info->domain;
-		$port = ($use_ssl && $site_module_info->security !== 'none') ? $site_module_info->https_port : $site_module_info->http_port;
+		$port = ($use_ssl || $site_module_info->security !== 'none') ? $site_module_info->https_port : $site_module_info->http_port;
 		$result = $prefix . $hostname . ($port ? sprintf(':%d', $port) : '') . RX_BASEURL;
 		return $result;
 	}
diff --git a/common/tpl/common_layout.html b/common/tpl/common_layout.html
index d1f4102be..7f9cf43b6 100644
--- a/common/tpl/common_layout.html
+++ b/common/tpl/common_layout.html
@@ -52,7 +52,7 @@
 	
 <!-- COMMON JS VARIABLES -->
 <script>
-	var default_url = "{\Rhymix\Framework\URL::encodeIdna(Context::getDefaultUrl())}";
+	var default_url = "{\Rhymix\Framework\URL::encodeIdna(Context::getDefaultUrl(null, RX_SSL))}";
 	var current_url = "{\Rhymix\Framework\URL::encodeIdna($current_url)}";
 	var request_uri = "{\Rhymix\Framework\URL::encodeIdna($request_uri)}";
 	var current_lang = xe.current_lang = "{$lang_type}";