mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
ENHANCEMENT: Ensure that forceSSL and protocol detection respects the X-Forwarded-Protocol header.
This commit is contained in:
parent
d261f4406a
commit
2648411829
@ -376,6 +376,7 @@ class Director {
|
||||
* @return String
|
||||
*/
|
||||
static function protocol() {
|
||||
if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://";
|
||||
return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
|
||||
}
|
||||
|
||||
@ -652,7 +653,7 @@ class Director {
|
||||
$matched = true;
|
||||
}
|
||||
|
||||
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
|
||||
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) {
|
||||
$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
|
||||
|
||||
// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests
|
||||
|
Loading…
Reference in New Issue
Block a user