mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
ENHANCEMENT: Ensure that forceSSL and protocol detection respects the X-Forwarded-Protocol header.
This commit is contained in:
parent
d261f4406a
commit
2648411829
@ -376,6 +376,7 @@ class Director {
|
|||||||
* @return String
|
* @return String
|
||||||
*/
|
*/
|
||||||
static function protocol() {
|
static function protocol() {
|
||||||
|
if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://";
|
||||||
return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
|
return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -652,7 +653,7 @@ class Director {
|
|||||||
$matched = true;
|
$matched = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
|
if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) {
|
||||||
$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
|
$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
|
||||||
|
|
||||||
// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests
|
// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests
|
||||||
|
Loading…
Reference in New Issue
Block a user