ENHANCEMENT: Ensure that forceSSL and protocol detection respects the X-Forwarded-Protocol header.

Sam Minnee 2012-02-03 09:49:37 +13:00
parent d261f4406a
commit 2648411829


@ -376,6 +376,7 @@ class Director {
* @return String
*/
static function protocol() {
if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://";
return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
}
@ -652,7 +653,7 @@ class Director {
$matched = true;
}
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) {
$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests
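Review bot: Both added checks trust `$_SERVER['HTTP_X_FORWARDED_PROTOCOL']` from any client, so a request that arrives directly over plain HTTP carrying `X-Forwarded-Protocol: https` is not redirected by the forceSSL condition, and `protocol()` reports `https://` for it. The header is only meaningful when a reverse proxy in front of the application sets or overwrites it. I would honour it only when `$_SERVER['REMOTE_ADDR']` is in a configured list of proxy addresses, and otherwise fall through to the existing `HTTPS`/`SSL` checks. The same expression is now written twice, so one static helper used by both `protocol()` and the forceSSL condition would keep them from drifting; at minimum add a comment such as `// X-Forwarded-Protocol is client-supplied: trust it only behind a proxy that overwrites it`. The method containing the forceSSL condition starts and ends outside the hunk.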