From 2648411829bd8a851df78c63f5f8f763c70a63bc Mon Sep 17 00:00:00 2001 From: Sam Minnee Date: Fri, 3 Feb 2012 09:49:37 +1300 Subject: [PATCH] ENHANCEMENT: Ensure that forceSSL and protocol detection respects the X-Forwarded-Protocol header. --- control/Director.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/control/Director.php b/control/Director.php index a0833df61..5b173d1cb 100644 --- a/control/Director.php +++ b/control/Director.php @@ -376,6 +376,7 @@ class Director { * @return String */ static function protocol() { + if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://"; return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://'; } @@ -652,7 +653,7 @@ class Director { $matched = true; } - if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) { + if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) { $destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI'])); // This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests