+# Set a (non-standard) HTTPS port
+sub commandB10 {
+ print "If you run HTTPS (SSL-secured HTTP) on a non-standard port, you should\n";
+ print "indicate that port here. Even if you do not, SquirrelMail may still\n";
+ print "auto-detect secure connections, but it is safer and also very useful\n";
+ print "for third party plugins if you specify the port number here.\n";
+ print "\n";
+ print "Most SquirrelMail administrators will not need to use this setting\n";
+ print "because most all web servers use port 443 for HTTPS connections, and\n";
+ print "SquirrelMail assumes 443 unless something else is given here.\n";
+ print "\n";
+
+ print "Enter your HTTPS port [$sq_https_port]: ";
+ my $tmp = <STDIN>;
+ $tmp = trim($tmp);
+ # value is not modified, if user hits Enter or enters space
+ if ($tmp ne '') {
+ # make sure that input is numeric
+ if ($tmp =~ /^\d+$/) {
+ $sq_https_port = $tmp;
+ } else {
+ print "\n";
+ print "--- INPUT ERROR ---\n";
+ print "\n";
+ print "If you want to change this setting, you must enter a number.\n";
+ print "If you want to keep the original value, just press Enter.\n\n";
+ print "Press Enter to continue...";
+ $tmp = <STDIN>;
+ }
+ }
+ return $sq_https_port;
+}
+
+# Ignore HTTP_X_FORWARDED_* headers?
+sub commandB11 {
+
+ if ( lc($sq_ignore_http_x_forwarded_headers) eq 'true' ) {
+ $default_value = "y";
+ } else {
+ $default_value = "n";
+ }
+
+ print "Because HTTP_X_FORWARDED_* headers can be sent by the client and\n";
+ print "therefore possibly exploited by an outsider, SquirrelMail ignores\n";
+ print "them by default. If a proxy server or other machine sits between\n";
+ print "clients and your SquirrelMail server, you can turn this off to\n";
+ print "tell SquirrelMail to use such headers.\n";
+ print "\n";
+
+ print "Ignore HTTP_X_FORWARDED headers? (y/n) [$WHT$default_value$NRM]: $WHT";
+ $sq_ignore_http_x_forwarded_headers = <STDIN>;
+ if ( ( $sq_ignore_http_x_forwarded_headers =~ /^y\n/i ) || ( ( $sq_ignore_http_x_forwarded_headers =~ /^\n/ ) && ( $default_value eq "y" ) ) ) {
+ $sq_ignore_http_x_forwarded_headers = 'true';
+ } else {
+ $sq_ignore_http_x_forwarded_headers = 'false';
+ }
+ return $sq_ignore_http_x_forwarded_headers;
+}
+