Omit "Accessing site insecurely via HTTP." warning if HTTP is secure enough

This is the case for localhost and Tor hidden services.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>

diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index b2d021c626515cae42eae7911125123baa6370f0..827696be9ff81156981be4ab59b76a32ebb16d73 100644 (file)
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -717,7 +717,7 @@
                                                        type: OC.SetupChecks.MESSAGE_TYPE_WARNING
                                                });
                                        }
-                               } else {
+                               } else if (!/(?:^(?:localhost|127\.0\.0\.1|::1)|\.onion)$/.exec(window.location.hostname)) {
                                        messages.push({
                                                msg: t('core', 'Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead, as described in the {linkstart}security tips ↗{linkend}.')
                                                        .replace('{linkstart}', '<a target="_blank" rel="noreferrer noopener" class="external" href="' + tipsUrl + '">')