7 years ago · 878abbddda
--- a/Emby.Server.Implementations/ApplicationHost.cs
+++ b/Emby.Server.Implementations/ApplicationHost.cs
@@ -1931,13 +1931,13 @@ namespace Emby.Server.Implementations
 
				         {
			
 
				             get
			
 
				             {
			
 
				-                return SupportsHttps && ServerConfigurationManager.Configuration.EnableHttps;
			
 
				+                return SupportsHttps && (ServerConfigurationManager.Configuration.EnableHttps || ServerConfigurationManager.Configuration.RequireHttps);
			
 
				             }
			
 
				         }
			
 
				 
			
 
				         public bool SupportsHttps
			
 
				         {
			
 
				-            get { return Certificate != null; }
			
 
				+            get { return Certificate != null || ServerConfigurationManager.Configuration.IsBehindProxy; }
			
 
				         }
			
 
				 
			
 
				         public async Task<string> GetLocalApiUrl()
			
--- a/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs
+++ b/Emby.Server.Implementations/EntryPoints/ExternalPortForwarding.cs
@@ -48,7 +48,7 @@ namespace Emby.Server.Implementations.EntryPoints
 
				             values.Add(config.PublicPort.ToString(CultureInfo.InvariantCulture));
			
 
				             values.Add(_appHost.HttpPort.ToString(CultureInfo.InvariantCulture));
			
 
				             values.Add(_appHost.HttpsPort.ToString(CultureInfo.InvariantCulture));
			
 
				-            values.Add(config.EnableHttps.ToString());
			
 
				+            values.Add((config.EnableHttps || config.RequireHttps).ToString());
			
 
				             values.Add(_appHost.EnableHttps.ToString());
			
 
				 
			
 
				             return string.Join("|", values.ToArray(values.Count));
			
--- a/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs
+++ b/Emby.Server.Implementations/HttpServer/HttpListenerHost.cs
@@ -423,6 +423,19 @@ namespace Emby.Server.Implementations.HttpServer
 
				             return true;
			
 
				         }
			
 
				 
			
 
				+        private bool ValidateSsl(string remoteIp)
			
 
				+        {
			
 
				+            if (_config.Configuration.RequireHttps && _appHost.EnableHttps)
			
 
				+            {
			
 
				+                if (!_networkManager.IsInLocalNetwork(remoteIp))
			
 
				+                {
			
 
				+                    return false;
			
 
				+                }
			
 
				+            }
			
 
				+
			
 
				+            return true;
			
 
				+        }
			
 
				+
			
 
				         /// <summary>
			
 
				         /// Overridable method that can be used to implement a custom hnandler
			
 
				         /// </summary>
			
@@ -453,6 +466,12 @@ namespace Emby.Server.Implementations.HttpServer
 
				                     return;
			
 
				                 }
			
 
				 
			
 
				+                if (!ValidateSsl(httpReq.RemoteIp))
			
 
				+                {
			
 
				+                    RedirectToUrl(httpRes, urlString.Replace("http://", "https://", StringComparison.OrdinalIgnoreCase));
			
 
				+                    return;
			
 
				+                }
			
 
				+
			
 
				                 if (string.Equals(httpReq.Verb, "OPTIONS", StringComparison.OrdinalIgnoreCase))
			
 
				                 {
			
 
				                     httpRes.StatusCode = 200;
			
--- a/MediaBrowser.Model/Configuration/ServerConfiguration.cs
+++ b/MediaBrowser.Model/Configuration/ServerConfiguration.cs
@@ -181,6 +181,8 @@ namespace MediaBrowser.Model.Configuration
 
				         public string[] CodecsUsed { get; set; }
			
 
				         public bool EnableChannelView { get; set; }
			
 
				         public bool EnableExternalContentInSuggestions { get; set; }
			
 
				+        public bool RequireHttps { get; set; }
			
 
				+        public bool IsBehindProxy { get; set; }
			
 
				 
			
 
				         public int ImageExtractionTimeoutMs { get; set; }