BUG Add support for X-Forwarded-Proto checking SSL (Fixes #1416)

De-facto standard for identifying the originating protocol of an HTTP request through a reverse proxy or load balancer. http://www.geekisp.com/faq/6_65_en.html
2024-10-02 06:09:00 +02:00 · 2014-01-12 18:05:09 +13:00 · 2014-01-12 18:05:09 +13:00 · c61f6540fb
commit c61f6540fb
parent e7266535c5
1 changed files with 13 additions and 8 deletions
--- a/control/Director.php
+++ b/control/Director.php
@ -459,7 +459,7 @@ class Director implements TemplateGlobalProvider {
 	 */
 	public static function protocol() {
 		return (self::is_https()) ? 'https://' : 'http://';
-		}
+	}

 	/**
 	 * Return whether the site is running as under HTTPS.
@ -469,18 +469,23 @@ class Director implements TemplateGlobalProvider {
 	public static function is_https() {
 		if ($protocol = Config::inst()->get('Director', 'alternate_protocol')) {
 			return $protocol == 'https';
-	}
+		}

 		if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])) { 
 			if(strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') {
 				return true;
-	}
-	}
+			}
+		}
+
+		if(isset($_SERVER['X-Forwarded-Proto'])) {
+			if(strtolower($_SERVER['X-Forwarded-Proto']) == "https") {
+				return true;
+			}
+		}
 	
 		if((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) {
 			return true;
-	}
-		else if(isset($_SERVER['SSL'])) {
+		} else if(isset($_SERVER['SSL'])) {
 			return true;
 		}

@ -507,11 +512,11 @@ class Director implements TemplateGlobalProvider {
 				$baseURL = '/';
 			} else {
 				$baseURL = $base . '/';
-		}
+			}
 			
 			if(defined('BASE_SCRIPT_URL')) {
 				return $baseURL . BASE_SCRIPT_URL;
-	}
+			}
 	
 			return $baseURL;
 		}