Warn install users that future versions of certbot will automatically redirect (#6976)

First step of #6960. * Warn install users that future versions of certbot will automatically redirect * Only warn when the user declines or auto-declines redirect * Unit tests * Update changelog
2026-01-26 07:41:33 +03:00 · 2019-04-26 12:43:09 -07:00
parent 333ea90d1b
commit c99079fb0a
3 changed files with 23 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,9 @@ Certbot adheres to [Semantic Versioning](https://semver.org/).
  `malformed` error to be received from the ACME server.
 * Linode DNS plugin now supports api keys created from their new panel
  at [cloud.linode.com](https://cloud.linode.com)
+* Adding a warning noting that future versions of Certbot will automatically configure the
+  webserver so that all requests redirect to secure HTTPS access. You can control this
+  behavior and disable this warning with the --redirect and --no-redirect flags.

 ### Fixed

--- a/certbot/client.py
+++ b/certbot/client.py
@@ -549,6 +549,11 @@ class Client(object):
                if ask_redirect:
                    if config_name == "redirect" and config_value is None:
                        config_value = enhancements.ask(enhancement_name)
+                        if not config_value:
+                            logger.warning("Future versions of Certbot will automatically "
+                                "configure the webserver so that all requests redirect to secure "
+                                "HTTPS access. You can control this behavior and disable this "
+                                "warning with the --redirect and --no-redirect flags.")
                if config_value:
                    self.apply_enhancement(domains, enhancement_name, option)
                    enhanced = True
--- a/certbot/tests/client_test.py
+++ b/certbot/tests/client_test.py
@@ -564,6 +564,21 @@ class EnhanceConfigTest(ClientTestCommon):
        self.assertEqual(mock_log.warning.call_args[0][1],
                          'redirect')

+    @mock.patch("certbot.client.logger")
+    def test_config_set_no_warning_redirect(self, mock_log):
+        self.config.redirect = False
+        self._test_with_already_existing()
+        self.assertFalse(mock_log.warning.called)
+
+    @mock.patch("certbot.client.enhancements.ask")
+    @mock.patch("certbot.client.logger")
+    def test_warn_redirect(self, mock_log, mock_ask):
+        self.config.redirect = None
+        mock_ask.return_value = False
+        self._test_with_already_existing()
+        self.assertTrue(mock_log.warning.called)
+        self.assertTrue("disable" in mock_log.warning.call_args[0][0])
+
    def test_no_ask_hsts(self):
        self.config.hsts = True
        self._test_with_all_supported()