From: pdontthink <pdontthink@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Date: Wed, 1 Apr 2009 21:18:59 +0000 (+0000)
Subject: Fix documentation
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=01f013c1311bc8cc3972b4472611901238096775;p=squirrelmail.git

Fix documentation

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13500 7612ce4b-ef26-0410-bec9-ea0150e637f0
---

diff --git a/functions/strings.php b/functions/strings.php
index d582cdc0..f62cf138 100644
--- a/functions/strings.php
+++ b/functions/strings.php
@@ -510,12 +510,11 @@ function get_location () {
     $port = '';
     if (! strstr($host, ':')) {
         // Note: HTTP_X_FORWARDED_PROTO could be sent from the client and
-        //       therefore possibly spoofed/hackable - for now, the
-        //       administrator can tell SM to ignore this value by setting
-        //       $sq_ignore_http_x_forwarded_headers to boolean TRUE in
-        //       config/config_local.php, but in the future we may
-        //       want to default this to TRUE and make administrators
-        //       who use proxy systems turn it off (see 1.5.2+).
+        //       therefore possibly spoofed/hackable.  Thus, SquirrelMail
+        //       ignores such headers by default.  The administrator
+        //       can tell SM to use such header values by setting
+        //       $sq_ignore_http_x_forwarded_headers to boolean FALSE
+        //       in config/config.php or by using config/conf.pl.
         global $sq_ignore_http_x_forwarded_headers;
         if ($sq_ignore_http_x_forwarded_headers
          || !sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER))