Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Improve checking the use of SSL #2783

Merged
merged 1 commit into from May 8, 2019

Conversation

Projects
None yet
3 participants
@StijnVrolijk
Copy link
Contributor

commented Mar 27, 2019

Type

  • Enhancement

Pull request description

Servers that are behind a proxy will always have %{HTTPS} === off.
To prevent infinite redirect loops in this scenario this commit adds a check on the X-Forwarded-Proto header before defaulting back to the %{HTTPS} check. This should cover about 99% of possible htaccess/ssl related scenarios.

Improve checking the use of SSL
Servers that are behind a proxy will always have `%{HTTPS} === off`.
To prevent infinite redirect loops in this scenario this commit adds a
check on the
[X-Forwarded-Proto](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto)
header before defaulting back to the `%{HTTPS}` check. This should cover
about 99% of possible htaccess/ssl related scenarios.

@StijnVrolijk StijnVrolijk added this to the 5.5.3 milestone Mar 27, 2019

@StijnVrolijk StijnVrolijk requested review from forkcms/core-contributors Mar 27, 2019

Show resolved Hide resolved .htaccess
@carakas

carakas approved these changes May 8, 2019

@carakas carakas merged commit cb9e30a into master May 8, 2019

5 checks passed

Scrutinizer No new issues
Details
continuous-integration/styleci/pr The analysis has passed
Details
continuous-integration/styleci/push The analysis has passed
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@carakas carakas deleted the improve-ssl-check branch May 8, 2019

@carakas carakas modified the milestones: 5.5.3, 6.0.0, 5.6.0 May 21, 2019

@carakas carakas added this to the 5.6.0 milestone Jun 13, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.