mod_bosh: Include warning if endpoint accessed insecurely (#1172) This is to make it obvious if a misconfigured a proxy or the request really is insecure. Perhaps it should also check c2s_require_encryption?

mod_bosh: Use message template from mod_http_error Looking Good! And most importantly, consistent.

mod_http_errors: Add a highlighted warning to template It looks sooooo good! Meant to be used by e.g. mod_bosh to warn in case the request is considered insecure.

mod_http_errors: Add way to reuse the error page template module:fire_event("http-message", {title = "hello"; message = "world"}) Goal is to enable consistent messages from Prosody. Not necessarily error messages, but warnings or just notices. This does cause some drift in the purpose of mod_http_errors, but that's okay.

mod_http_errors: Minify CSS Because It looks too big in view source!

Merge 0.11->trunk

mod_http: Fix trusted proxies check (thanks buildbot) is_trusted_proxy() is only in trunk, I dun goofed when I rebased 8603011e51fe from trunk.

mod_http: Optimize proxy IP check No need to do a subnet match comparison to see if two IP addresses match exactly.

mod_websocket: Inherit security status from http request Allows requests considered secure becasue of a proxy header to carry over to the client session. mod_bosh does this too.

mod_http: Consider x-forwarded-proto from trusted proxies Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules.