-
Notifications
You must be signed in to change notification settings - Fork 432
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix get_absolute_root_url() to detect secure connection #914
Conversation
include/functions_url.inc.php
Outdated
{ | ||
if ( | ||
(isset($_SERVER['HTTPS']) && ((strtolower($_SERVER['HTTPS']) == 'on') or ($_SERVER['HTTPS'] == 1))) | ||
|| (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this should mix or
and ||
. I think the Piwigo standard is to favour the former.
Hi, I'd really like to get this applied :-) I'm new to Piwigo and I almost gave up setting it up. It took me half a day to find this issue as I'm running Piwigo behind a traefik2 https-proxy. Maybe this would also fix #1128. There someone describes the same issues I am having (though he does not talk about a proxy-setup). Just for completenes: Br |
@samwilson I personally needed to patch the code while running piwigo inside docker (apache + php) on port 8080 with Caddy in front as reverse proxy for SSL. Piwigo should not try to build the full path to anything and just stick with relative paths and let the browser handle it. |
@jobec I'm not a maintainer here, just a random user. My experience has been that PRs are slow to move. |
I would also like this issue to be resolved, we use a proxy and its really not a nice solution to patch the code each time a new update comes out. |
Meanwhile, I bypassed the issue by adding this to my config.inc.php file: // Support X-Forwarded-Proto header for HTTPS detection
if ( $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) {
$_SERVER['HTTPS'] = 'on';
} That way I don't need to mess around with piwigo's code but still have it respond to the defacto X-Forwarded-Proto header. |
I also had to add |
I did not required the SERVER_PORT setting. But the check for X-Forwarded-Proto is a must, and please, should be merged asap. |
the server port is probably also available as the variable @jobec thank you for that hack, you have saved me some time. |
I close this pull-request, as a duplicate of #483 |
if a reverse proxy is used