From 417a16ea49640e735509ec969a924bf7f6b01808 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damian=20B=C3=BCchel?= <damian.buechel@let.ethz.ch>
Date: Mon, 19 Apr 2021 10:49:02 +0200
Subject: [PATCH] SEBWIN-471: Fixed bug where reconfiguration URL wasn't
 mandatory in a secure session.

---
 SafeExamBrowser.Client/ClientController.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/SafeExamBrowser.Client/ClientController.cs b/SafeExamBrowser.Client/ClientController.cs
index 70f1a10b..225425ef 100644
--- a/SafeExamBrowser.Client/ClientController.cs
+++ b/SafeExamBrowser.Client/ClientController.cs
@@ -341,13 +341,13 @@ namespace SafeExamBrowser.Client
 				{
 					var expression = Regex.Escape(Settings.Security.ReconfigurationUrl).Replace(@"\*", ".*");
 					var regex = new Regex($"^{expression}$", RegexOptions.IgnoreCase);
-					var sebUrl = args.Url.Replace(Uri.UriSchemeHttp, context.AppConfig.SebUriScheme).Replace(Uri.UriSchemeHttps, context.AppConfig.SebUriSchemeSecure);
+					var sebUrl = args.Url.Replace(Uri.UriSchemeHttps, context.AppConfig.SebUriSchemeSecure).Replace(Uri.UriSchemeHttp, context.AppConfig.SebUriScheme);
 
 					allow = Settings.Security.AllowReconfiguration && (regex.IsMatch(args.Url) || regex.IsMatch(sebUrl));
 				}
 				else
 				{
-					allow = Settings.Security.AllowReconfiguration;
+					logger.Warn("The active configuration does not contain a valid reconfiguration URL!");
 				}
 			}
 			else