summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorAchilleas Pipinellis <axil@gitlab.com>2018-01-24 10:11:30 +0100
committerAchilleas Pipinellis <axil@gitlab.com>2018-01-25 10:00:46 +0100
commit85940d766a30edb707b3e5154f38ae90c935e0a2 (patch)
tree7c64b81de3a7a977b9ff258edc5d780fd2efc39d /config
parent8f5d1d1371b47ab810a9e5ddff483f669d149363 (diff)
downloadgitlab-ce-85940d766a30edb707b3e5154f38ae90c935e0a2.tar.gz
Default to HTTPS for all Gravatar URLsdefault-to-https-for-gravatar-urls
If using gravatar.com, both plain_url and ssl_url in settings are now served via HTTPS. Make this the default.
Diffstat (limited to 'config')
-rw-r--r--config/gitlab.yml.example8
-rw-r--r--config/initializers/1_settings.rb2
2 files changed, 6 insertions, 4 deletions
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index f2f05b3eeb2..238e1583770 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -175,10 +175,12 @@ production: &base
host: 'https://mattermost.example.com'
## Gravatar
- ## For Libravatar see: http://doc.gitlab.com/ce/customization/libravatar.html
+ ## If using gravatar.com, there's nothing to change here. For Libravatar
+ ## you'll need to provide the custom URLs. For more information,
+ ## see: https://docs.gitlab.com/ee/customization/libravatar.html
gravatar:
- # gravatar urls: possible placeholders: %{hash} %{size} %{email} %{username}
- # plain_url: "http://..." # default: http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
+ # Gravatar/Libravatar URLs: possible placeholders: %{hash} %{size} %{email} %{username}
+ # plain_url: "http://..." # default: https://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
# ssl_url: "https://..." # default: https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon
## Auxiliary jobs
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index abc992e49dc..899e612ffbd 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -350,7 +350,7 @@ Settings.mattermost['host'] = nil unless Settings.mattermost.enabled
#
Settings['gravatar'] ||= Settingslogic.new({})
Settings.gravatar['enabled'] = true if Settings.gravatar['enabled'].nil?
-Settings.gravatar['plain_url'] ||= 'http://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
+Settings.gravatar['plain_url'] ||= 'https://www.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
Settings.gravatar['ssl_url'] ||= 'https://secure.gravatar.com/avatar/%{hash}?s=%{size}&d=identicon'
Settings.gravatar['host'] = Settings.host_without_www(Settings.gravatar['plain_url'])