#! /bin/sh

# Redirect HTTP URLs to equivalent HTTPs when that seems to be the problem.
#   Turn on this kludge with
#	ErrorDocument 403 /cgi-bin/http2https
#   after installing this script in your CGI-bin directory.

# --S-LICENSE--
#	$Revision: 1.9 $


# This script is only intended for 403 errors
if test "$REDIRECT_STATUS" != "403"; then
    cat <<EOF
Status: 500 Internal Server Error
Content-type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML>
<HEAD>
<TITLE>500 Internal Server Error</TITLE>
</HEAD>
<BODY style="background-color:white;color:black">
<H1>500 Internal Server Error</H1>
Invalid use of http2https for $REDIRECT_STATUS.
<P><HR>
<ADDRESS>$SERVER_SIGNATURE</ADDRESS>
</BODY>
</HTML>
EOF
    exit
fi


# if things seem to be happening with SSL, pretend we're not here
if test "$HTTPS" = "on" -o "$REDIRECT_HTTPS" = "on"; then
    if test "$REDIRECT_ERROR_NOTES" = ""; then
	REDIRECT_ERROR_NOTES="You don't have permission to access $REQUEST_URI on this server."
    fi
    cat <<EOF
Status: 403 Forbidden
Content-type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML>
<HEAD>
<TITLE>403 Forbidden</TITLE>
</HEAD>
<BODY style="background-color:white;color:black">
<H1>Forbidden</H1>
$REDIRECT_ERROR_NOTES
<P><HR>
<ADDRESS>$SERVER_SIGNATURE</ADDRESS>
</BODY>
</HTML>
EOF
    exit
fi


cat <<EOF
Status: 301 Moved Permanently
Location: https://$SERVER_NAME$REQUEST_URI
Content-type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<HTML>
<HEAD>
<TITLE>HTTPS Required</TITLE>
</HEAD>
<BODY style="background-color:white;color:black">
<H1>HTTPS Required</H1>
You must use HTTPS to access $REQUEST_URI on this server.
<P><HR>
<ADDRESS>$SERVER_SIGNATURE</ADDRESS>
</BODY>
</HTML>
EOF
