From 8399371adc5c48e1847061deee1936c0d64f2a85 Mon Sep 17 00:00:00 2001
From: Vika Shleina <vika@fireburn.ru>
Date: Mon, 19 Jul 2021 09:36:45 +0300
Subject: Replaced scheme with HTTPS in frontend to prevent weird things

---
 src/frontend/mod.rs | 15 ++++++++++-----
 src/indieauth.rs    |  2 +-
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/frontend/mod.rs b/src/frontend/mod.rs
index 28c4c15..a92d769 100644
--- a/src/frontend/mod.rs
+++ b/src/frontend/mod.rs
@@ -703,12 +703,15 @@ struct OnboardingData {
 pub async fn onboarding_receiver<S: Storage>(mut req: Request<ApplicationState<S>>) -> Result {
     use serde_json::json;
 
+    <AsMut<tide::http::Request>>::as_mut(&mut req).url_mut().set_scheme("https");
+
     let body = req.body_json::<OnboardingData>().await?;
     let backend = &req.state().storage;
+
     #[cfg(any(not(debug_assertions), test))]
     let me = req.url();
     #[cfg(all(debug_assertions, not(test)))]
-    let me = url::Url::parse("http://localhost:8080/").unwrap();
+    let me = url::Url::parse("https://localhost:8080/").unwrap();
 
     if get_post_from_database(backend, me.as_str(), None, &None)
         .await
@@ -778,7 +781,8 @@ pub async fn coffee<S: Storage>(_: Request<ApplicationState<S>>) -> Result {
     .into())
 }
 
-pub async fn mainpage<S: Storage>(req: Request<ApplicationState<S>>) -> Result {
+pub async fn mainpage<S: Storage>(mut req: Request<ApplicationState<S>>) -> Result {
+    <AsMut<tide::http::Request>>::as_mut(&mut req).url_mut().set_scheme("https");
     let backend = &req.state().storage;
     let query = req.query::<QueryParams>()?;
     let authorization_endpoint = req.state().authorization_endpoint.to_string();
@@ -788,7 +792,7 @@ pub async fn mainpage<S: Storage>(req: Request<ApplicationState<S>>) -> Result {
     #[cfg(any(not(debug_assertions), test))]
     let url = req.url();
     #[cfg(all(debug_assertions, not(test)))]
-    let url = url::Url::parse("http://localhost:8080/").unwrap();
+    let url = url::Url::parse("https://localhost:8080/").unwrap();
 
     info!("Request at {}", url);
     let hcard_url = url.as_str();
@@ -852,16 +856,17 @@ pub async fn mainpage<S: Storage>(req: Request<ApplicationState<S>>) -> Result {
     }
 }
 
-pub async fn render_post<S: Storage>(req: Request<ApplicationState<S>>) -> Result {
+pub async fn render_post<S: Storage>(mut req: Request<ApplicationState<S>>) -> Result {
     let query = req.query::<QueryParams>()?;
     let authorization_endpoint = req.state().authorization_endpoint.to_string();
     let token_endpoint = req.state().token_endpoint.to_string();
     let user: Option<String> = None;
 
+    <AsMut<tide::http::Request>>::as_mut(&mut req).url_mut().set_scheme("https");
     #[cfg(any(not(debug_assertions), test))]
     let url = req.url();
     #[cfg(all(debug_assertions, not(test)))]
-    let url = url::Url::parse("http://localhost:8080/")
+    let url = url::Url::parse("https://localhost:8080/")
         .unwrap()
         .join(req.url().path())
         .unwrap();
diff --git a/src/indieauth.rs b/src/indieauth.rs
index 7a2a07e..27e545d 100644
--- a/src/indieauth.rs
+++ b/src/indieauth.rs
@@ -141,7 +141,7 @@ where
         next: Next<'_, ApplicationState<B>>,
     ) -> Result {
         req.set_ext(User::new(
-            "http://localhost:8080/",
+            "https://localhost:8080/",
             "https://curl.haxx.se/",
             "create update delete undelete media",
         ));
-- 
cgit 1.4.1