Close #1768; Force SSL

i18n/en.i18n.json

@@ -182,6 +182,7 @@
   "FileUpload_ProtectFiles" : "Protect uploaded files",
   "FileUpload_ProtectFilesDescription" : "Only authenticated users will have access",
   "Follow_social_profiles" : "Follow our social profiles, fork us on github and share your thoughts about the rocket.chat app on our trello board.",
+  "Force_SSL" : "Force SSL",
   "Forgot_password" : "Forgot your password",
   "Fork_it_on_github" : "Fork it on github",
   "From_Email" : "From Email",
@@ -273,12 +274,12 @@
   "Loading..." : "Loading...",
   "Loading_more_from_history" : "Loading more from history",
   "Loading_suggestion" : "Loading suggestions...",
+  "Logged_out_of_other_clients_successfully" : "Logged out of other clients successfully",
   "Login" : "Login",
   "Login_with" : "Login with %s",
   "login_with" : "Or login directly with",
   "Logout" : "Logout",
   "Logout_Others" : "Logout From Other Logged In Locations",
-  "Logged_out_of_other_clients_successfully" : "Logged out of other clients successfully",
   "Make_Admin" : "Make Admin",
   "Mark_as_read" : "Mark as read",
   "Markdown_Headers" : "Markdown Headers",
@@ -458,10 +459,10 @@
   "Send_Message" : "Send Message",
   "Send_your_JSON_payloads_to_this_URL" : "Send your JSON payloads to this URL.",
   "Set_as_moderator" : "Set as moderator",
-  "Settings" : "Settings",
-  "Settings_updated" : "Settings updated",
   "Set_as_moderator" : "Set as moderator",
   "Set_as_owner" : "Set as owner",
+  "Settings" : "Settings",
+  "Settings_updated" : "Settings updated",
   "Should_be_a_URL_of_an_image" : "Should be a URL of an image.",
   "Should_exists_a_user_with_this_username" : "The user must already exist.",
   "Showing_archived_results" : "<p>Showing <b>%s</b> archived results</p>",
@@ -539,9 +540,17 @@
   "Use_uploaded_avatar" : "Use uploaded avatar",
   "Use_url_for_avatar" : "Use url for avatar",
   "User__username__is_now_a_moderator_of__room_name_" : "User __username__ is now a moderator of __room_name__",
+  "User__username__is_now_a_moderator_of__room_name_" : "User __username__ is now a moderator of __room_name__",
+  "User__username__is_now_a_owner_of__room_name_" : "User __username__ is now a owner of __room_name__",
+  "User__username__removed_from__room_name__moderators" : "User __username__ removed from __room_name__ moderators",
   "User__username__removed_from__room_name__moderators" : "User __username__ removed from __room_name__ moderators",
+  "User__username__removed_from__room_name__owners" : "User __username__ removed from __room_name__ owners",
+  "User__username__was_added_as_a_moderator_by__user_by_" : "User <em>__username__</em> was added as a moderator by <em>__user_by__</em>",
   "User__username__was_added_as_a_moderator_by__user_by_" : "User <em>__username__</em> was added as a moderator by <em>__user_by__</em>",
+  "User__username__was_added_as_a_owner_by__user_by_" : "User <em>__username__</em> was added as a owner by <em>__user_by__</em>",
+  "User__username__was_removed_as_a_moderator_by__user_by_" : "User <em>__username__</em> was removed as a moderator by <em>__user_by__</em>",
   "User__username__was_removed_as_a_moderator_by__user_by_" : "User <em>__username__</em> was removed as a moderator by <em>__user_by__</em>",
+  "User__username__was_removed_as_a_owner_by__user_by_" : "User <em>__username__</em> was removed as a owner by <em>__user_by__</em>",
   "User_added_by" : "User <em>__user_added__</em> added by <em>__user_by__</em>.",
   "User_Channels" : "User Channels",
   "User_has_been_activated" : "User has been activated",
@@ -566,18 +575,10 @@
   "User_or_channel_name" : "User or channel name",
   "User_removed_by" : "User <em>__user_removed__</em> removed by <em>__user_by__</em>.",
   "User_removed_from_room" : "The user has been removed from the room",
-  "User__username__removed_from__room_name__moderators" : "User __username__ removed from __room_name__ moderators",
-  "User__username__removed_from__room_name__owners" : "User __username__ removed from __room_name__ owners",
   "User_Settings" : "User Settings",
   "User_unmuted_by" : "User <em>__user_unmuted__</em> unmuted by <em>__user_by__</em>.",
   "User_unmuted_in_room" : "User unmuted in room",
   "User_updated_successfully" : "User updated successfully",
-  "User__username__is_now_a_moderator_of__room_name_" : "User __username__ is now a moderator of __room_name__",
-  "User__username__is_now_a_owner_of__room_name_" : "User __username__ is now a owner of __room_name__",
-  "User__username__was_added_as_a_moderator_by__user_by_" : "User <em>__username__</em> was added as a moderator by <em>__user_by__</em>",
-  "User__username__was_added_as_a_owner_by__user_by_" : "User <em>__username__</em> was added as a owner by <em>__user_by__</em>",
-  "User__username__was_removed_as_a_moderator_by__user_by_" : "User <em>__username__</em> was removed as a moderator by <em>__user_by__</em>",
-  "User__username__was_removed_as_a_owner_by__user_by_" : "User <em>__username__</em> was removed as a owner by <em>__user_by__</em>",
   "Username" : "Username",
   "Username_cant_be_empty" : "The username cannot be empty",
   "Username_Change_Disabled" : "Your Rocket.Chat administrator has disabled the changing of usernames",

packages/rocketchat-cors/cors.coffee

@@ -47,3 +47,38 @@ WebAppInternals._staticFilesMiddleware = (staticFiles, req, res, next) ->
 	res.setHeader("X-Rocket-Chat-Version", VERSION)
 	res.setHeader("Access-Control-Expose-Headers",  "X-Rocket-Chat-Version")
 	_staticFilesMiddleware(staticFiles, req, res, next)
+
+
+url = Npm.require("url")
+
+httpServer = WebApp.httpServer
+oldHttpServerListeners = httpServer.listeners('request').slice(0)
+httpServer.removeAllListeners('request')
+
+httpServer.addListener 'request', (req, res) ->
+	if RocketChat.settings.get('Force_SSL') isnt true
+		return
+
+	remoteAddress = req.connection.remoteAddress or req.socket.remoteAddress
+
+	localhostRegexp = /^\s*(127\.0\.0\.1|::1)\s*$/
+	localhostTest = (x) ->
+		return localhostRegexp.test(x)
+
+	isLocal = localhostRegexp.test(remoteAddress) and (not req.headers['x-forwarded-for'] or _.all(req.headers['x-forwarded-for'].split(','), localhostTest))
+
+	isSsl = req.connection.pair or (req.headers['x-forwarded-proto'] and req.headers['x-forwarded-proto'].indexOf('https') isnt -1)
+
+	if not isLocal and not isSsl
+		host = url.parse(Meteor.absoluteUrl()).hostname
+
+		host = host.replace(/:\d+$/, '')
+
+		res.writeHead 302,
+			'Location': 'https://' + host + req.url
+		res.end()
+		return
+
+
+for oldListener in oldHttpServerListeners
+	httpServer.addListener 'request', oldListener

packages/rocketchat-lib/server/startup/settings.coffee

@@ -77,6 +77,7 @@ RocketChat.settings.addGroup 'General', ->
 	@add 'Allow_Invalid_SelfSigned_Certs', false, { type: 'boolean' }
 	@add 'Disable_Favorite_Rooms', false, { type: 'boolean' }
 	@add 'CDN_PREFIX', '', { type: 'string' }
+	@add 'Force_SSL', false, { type: 'boolean', public: true }
 	@add 'Debug_Level', 'error', { type: 'select', values: [ { key: 'error', i18nLabel: 'Only_errors' }, { key: 'debug', i18nLabel: 'All_logs' } ] }
 	@add 'Restart', 'restart_server', { type: 'action', actionText: 'Restart_the_server' }