Skip to content
This repository has been archived by the owner on Nov 3, 2023. It is now read-only.

Commit

Permalink
Also check the X-Forwarded-Proto header when determining HTTPS (see #…
Browse files Browse the repository at this point in the history 
…8691).
  • Loading branch information
@leofeyer
leofeyer committed Apr 18, 2017
1 parent 73218ac commit 40a0541
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
3 changes: 3 additions & 0 deletions system/docs/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ Contao Open Source CMS changelog
Version 3.5.26 (2017-XX-XX)
---------------------------

### Fixed
Also check the X-Forwarded-Proto header when determining HTTPS (see #8691).

### Fixed
Correctly support 64 character template names everywhere (see #6819).

Expand Down
5 changes: 5 additions & 0 deletions system/modules/core/library/Contao/Environment.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -311,6 +311,11 @@ protected static function httpXForwardedHost()
*/
protected static function ssl()
{
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && in_array($_SERVER['REMOTE_ADDR'], trimsplit(',', \Config::get('proxyServerIps'))))
{
return $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
}

return ($_SERVER['SSL_SESSION_ID'] || $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1);
}

Expand Down

0 comments on commit 40a0541

Please sign in to comment.