diff --git a/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php b/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php index 12a0572..c8ae6cb 100644 --- a/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php +++ b/core/lib/Drupal/Core/FileTransfer/Form/FileTransferAuthorizeForm.php @@ -52,9 +52,6 @@ public function getFormID() { * {@inheritdoc} */ public function buildForm(array $form, FormStateInterface $form_state) { - // If possible, we want to post this form securely via HTTPS. - $form['#https'] = TRUE; - // Get all the available ways to transfer files. if (empty($_SESSION['authorize_filetransfer_info'])) { drupal_set_message($this->t('Unable to continue, no available methods of file transfer'), 'error'); diff --git a/core/lib/Drupal/Core/Link.php b/core/lib/Drupal/Core/Link.php index 35dddee..489f54f 100644 --- a/core/lib/Drupal/Core/Link.php +++ b/core/lib/Drupal/Core/Link.php @@ -67,8 +67,7 @@ public function __construct($text, Url $url) { * current language for the language type LanguageInterface::TYPE_URL. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. if mixed mode sessions are permitted, TRUE enforces HTTPS - * and FALSE enforces HTTP. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * * @return static */ diff --git a/core/lib/Drupal/Core/Routing/UrlGeneratorInterface.php b/core/lib/Drupal/Core/Routing/UrlGeneratorInterface.php index e80e193..a30db19 100644 --- a/core/lib/Drupal/Core/Routing/UrlGeneratorInterface.php +++ b/core/lib/Drupal/Core/Routing/UrlGeneratorInterface.php @@ -58,8 +58,7 @@ * \Drupal::languageManager()->getCurrentLanguage(LanguageInterface::TYPE_URL). * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. TRUE enforces HTTPS and FALSE enforces HTTP, but HTTPS can - * only be enforced when the variable 'https' is set to TRUE. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * - 'base_url': Only used internally, to modify the base URL when a language * dependent URL requires so. * - 'prefix': Only used internally, to modify the path when a language @@ -132,8 +131,7 @@ public function getPathFromRoute($name, $parameters = array()); * current language for the language type LanguageInterface::TYPE_URL. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. if mixed mode sessions are permitted, TRUE enforces HTTPS - * and FALSE enforces HTTP. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * - 'prefix': Only used internally, to modify the path when a language * dependent URL requires so. * diff --git a/core/lib/Drupal/Core/Url.php b/core/lib/Drupal/Core/Url.php index 9ea38b2..5e758d4 100644 --- a/core/lib/Drupal/Core/Url.php +++ b/core/lib/Drupal/Core/Url.php @@ -112,8 +112,7 @@ class Url { * current language for the language type LanguageInterface::TYPE_URL. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. if mixed mode sessions are permitted, TRUE enforces HTTPS - * and FALSE enforces HTTP. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * * @see static::fromRoute() * @see static::fromUri() @@ -153,8 +152,7 @@ public function __construct($route_name, $route_parameters = array(), $options = * current language for the language type LanguageInterface::TYPE_URL. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. if mixed mode sessions are permitted, TRUE enforces HTTPS - * and FALSE enforces HTTP. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * * @return \Drupal\Core\Url * A new Url object for a routed (internal to Drupal) URL. @@ -191,8 +189,7 @@ public static function fromRoute($route_name, $route_parameters = array(), $opti * current language for the language type LanguageInterface::TYPE_URL. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. if mixed mode sessions are permitted, TRUE enforces HTTPS - * and FALSE enforces HTTP. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * * @return \Drupal\Core\Url * A new Url object for an unrouted (non-Drupal) URL. diff --git a/core/lib/Drupal/Core/Utility/UnroutedUrlAssemblerInterface.php b/core/lib/Drupal/Core/Utility/UnroutedUrlAssemblerInterface.php index c1caa44..d224a47 100644 --- a/core/lib/Drupal/Core/Utility/UnroutedUrlAssemblerInterface.php +++ b/core/lib/Drupal/Core/Utility/UnroutedUrlAssemblerInterface.php @@ -44,8 +44,7 @@ * displayed outside the site, such as in an RSS feed. * - 'https': Whether this URL should point to a secure location. If not * defined, the current scheme is used, so the user stays on HTTP or HTTPS - * respectively. TRUE enforces HTTPS and FALSE enforces HTTP, but HTTPS can - * only be enforced when the variable 'https' is set to TRUE. + * respectively. TRUE enforces HTTPS and FALSE enforces HTTP. * * @return * A string containing a relative or absolute URL. diff --git a/core/modules/system/system.module b/core/modules/system/system.module index 9334a88..173037c 100644 --- a/core/modules/system/system.module +++ b/core/modules/system/system.module @@ -426,8 +426,6 @@ function system_authorized_init($callback, $file, $arguments = array(), $page_ti */ function system_authorized_get_url(array $options = array()) { global $base_url; - // Force HTTPS if available, regardless of what the caller specifies. - $options['https'] = TRUE; // Prefix with $base_url so url() treats it as an external link. $url = Url::fromUri('base://core/authorize.php'); $url_options = $url->getOptions();