Omit "Accessing site insecurely via HTTP." warning if HTTP is secure enough

This is the case for localhost and Tor hidden services. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
author: Alexander A. Klimov <grandmaster@al2klimov.de> 2023-03-21 22:50:08 +0100
committer: Simon L <szaimen@e.mail.de> 2023-04-17 23:38:29 +0200
commit: e3f1fae715e7787e516df4a8aa6fcedf6c0e531d (patch)
tree: 69927454d0c336348d74f3553e5ca03b3bc92ba3 /core/js/setupchecks.js
parent: 5cda8f0f45f1bc5261a08cf9014a3df11a5fd6a2 (diff)
download: nextcloud-server-e3f1fae715e7787e516df4a8aa6fcedf6c0e531d.tar.gz
nextcloud-server-e3f1fae715e7787e516df4a8aa6fcedf6c0e531d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/core/js/setupchecks.js b/core/js/setupchecks.js
index b2d021c6265..827696be9ff 100644
--- a/core/js/setupchecks.js
+++ b/core/js/setupchecks.js
@@ -717,7 +717,7 @@
 							type: OC.SetupChecks.MESSAGE_TYPE_WARNING
 						});
 					}
-				} else {
+				} else if (!/(?:^(?:localhost|127\.0\.0\.1|::1)|\.onion)$/.exec(window.location.hostname)) {
 					messages.push({
 						msg: t('core', 'Accessing site insecurely via HTTP. You are strongly advised to set up your server to require HTTPS instead, as described in the {linkstart}security tips ↗{linkend}.')
 							.replace('{linkstart}', '<a target="_blank" rel="noreferrer noopener" class="external" href="' + tipsUrl + '">')
author	Alexander A. Klimov <grandmaster@al2klimov.de>	2023-03-21 22:50:08 +0100
committer	Simon L <szaimen@e.mail.de>	2023-04-17 23:38:29 +0200
commit	e3f1fae715e7787e516df4a8aa6fcedf6c0e531d (patch)
tree	69927454d0c336348d74f3553e5ca03b3bc92ba3 /core/js/setupchecks.js
parent	5cda8f0f45f1bc5261a08cf9014a3df11a5fd6a2 (diff)
download	nextcloud-server-e3f1fae715e7787e516df4a8aa6fcedf6c0e531d.tar.gz nextcloud-server-e3f1fae715e7787e516df4a8aa6fcedf6c0e531d.zip