- allows editing users (currently the groups and username)
- allows any logged-in user to change the passwords of any other users
- improved url highlighting of subsubmenu
- Coverage should only be required if running tests
- When running test_coverage command all the install dependencies and
test dependencies should be installed.
- Implement coverage functionality as a setuptools Command subclass
(in plinth/tests/coverage/test_coverage.py)
- Register the new 'test_coverage' command in setup.py
- Modify the INSTALL file to specify python3-coverage as a new dependency
- Modify the HACKING file to document the new 'test_coverage' command
- Have git (via .gitignore) ignore the '.coverage' output data file and
the contents of the 'plinth/tests/coverage/report' directory
- Don't hijack the entire SSL site for sake of Plinth.
- Serve both HTTP and HTTPS sites with default configuration.
- plinth-ssl configuration only make SSL compulsory.
- Document modules required for configuration to work properly.
- Don't disable default site during FreedomBox setup run. This is no
longer required.
- Request Apache to send X-Forwarded-Proto header.
- Use X-Forwarded-Proto header to understand original protocol
requested.
- Use X-Forwarded-Host header to understand original host requested.
- Allow any incoming host header so that FreedomBox can have any
hostname and when user requests for Plint with that hostname, it
works.
- Don't depend on Apache to rewrite the Location: header. Instead use
the original host and original scheme to set proper Location: header.
When Apache proxy forwards a request it usually makes the request to the
backend server with a new Host: header but sends the original host
information using a special header X-FORWARDED-HOST: header. It is a
common practise. The backend can be make the choice of which header to
use based on the knowledge that it is running behind a proxy server.
Since hostname of a FreedomBox machine could be anyting and it could
change during the operation of Plinth, having a list of incoming Host:
header values is not going to be easy in Plinth. If Apache were not to
force override this header, managing list of Host: header values will
become easiler in Plinth. If Plinth indeed wants to know the original
host name by which user refferred to it, it can use the
X-FORWARDED-HOST: header which is the norm in these situtations.
