From 921bf9a4395b4625478e1851230ed3e170ae91a0 Mon Sep 17 00:00:00 2001
From: Sam Minnee <sam@silverstripe.com>
Date: Fri, 3 Feb 2012 09:39:10 +1300
Subject: [PATCH] ENHANCEMENT: Ensure that forceSSL and protocol detection
 respects the X-Forwarded-Protocol header.

---
 core/control/Director.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/core/control/Director.php b/core/control/Director.php
index f9847b5fb..343a1bef6 100755
--- a/core/control/Director.php
+++ b/core/control/Director.php
@@ -397,6 +397,7 @@ class Director {
 	 * @return String
 	 */
 	static function protocol() {
+		if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://";
 		return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
 	}
 
@@ -646,7 +647,7 @@ class Director {
 			$matched = true;
 		}
 
-		if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
+		if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) {
 			$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
 
 			// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests