From fd2b172365575fc6a5420aea0eb3073deb19326b Mon Sep 17 00:00:00 2001 From: William Desportes Date: Mon, 9 Dec 2019 21:07:18 +0100 Subject: [PATCH] Fix #15621 - Support CloudFront-Forwarded-Proto header Signed-off-by: William Desportes --- libraries/classes/Config.php | 3 +++ test/classes/ConfigTest.php | 28 ++++++++++++++++++---------- 2 files changed, 21 insertions(+), 10 deletions(-) diff --git a/libraries/classes/Config.php b/libraries/classes/Config.php index 2b4ccef7e274..03a798cd2a09 100644 --- a/libraries/classes/Config.php +++ b/libraries/classes/Config.php @@ -1340,6 +1340,9 @@ public function isHttps() $is_https = true; } elseif (strtolower(Core::getenv('HTTP_X_FORWARDED_PROTO')) == 'https') { $is_https = true; + } elseif (strtolower(Core::getenv('HTTP_CLOUDFRONT_FORWARDED_PROTO')) === 'https') { + // Amazon CloudFront, issue #15621 + $is_https = true; } elseif (Core::getenv('SERVER_PORT') == 443) { $is_https = true; } diff --git a/test/classes/ConfigTest.php b/test/classes/ConfigTest.php index 3726d2752881..2c294a45c66f 100644 --- a/test/classes/ConfigTest.php +++ b/test/classes/ConfigTest.php @@ -550,7 +550,7 @@ public function testGetSetSource() * * @dataProvider httpsParams */ - public function testIsHttps($scheme, $https, $uri, $lb, $front, $proto, $port, $expected) + public function testIsHttps($scheme, $https, $uri, $lb, $front, $proto, $protoCloudFront, $pmaAbsoluteUri, $port, $expected) { $_SERVER['HTTP_SCHEME'] = $scheme; $_SERVER['HTTPS'] = $https; @@ -558,9 +558,11 @@ public function testIsHttps($scheme, $https, $uri, $lb, $front, $proto, $port, $ $_SERVER['HTTP_HTTPS_FROM_LB'] = $lb; $_SERVER['HTTP_FRONT_END_HTTPS'] = $front; $_SERVER['HTTP_X_FORWARDED_PROTO'] = $proto; + $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] = $protoCloudFront; $_SERVER['SERVER_PORT'] = $port; $this->object->set('is_https', null); + $this->object->set('PmaAbsoluteUri', $pmaAbsoluteUri); $this->assertEquals($expected, $this->object->isHttps()); } @@ -572,15 +574,21 @@ public function testIsHttps($scheme, $https, $uri, $lb, $front, $proto, $port, $ public function httpsParams() { return array( - array('http', '', '', '', '', 'http', 80, false), - array('http', '', 'http://', '', '', 'http', 80, false), - array('http', '', '', '', '', 'http', 443, true), - array('http', '', '', '', '', 'https', 80, true), - array('http', '', '', '', 'on', 'http', 80, true), - array('http', '', '', 'on', '', 'http', 80, true), - array('http', '', 'https://', '', '', 'http', 80, true), - array('http', 'on', '', '', '', 'http', 80, true), - array('https', '', '', '', '', 'http', 80, true), + array('http', '', '', '', '', 'http', '', '', 80, false), + array('http', '', 'http://', '', '', 'http', '', '', 80, false), + array('http', '', '', '', '', 'http', '', '', 443, true), + array('http', '', '', '', '', 'https', '', '', 80, true), + array('http', '', '', '', 'on', 'http', '', '', 80, true), + array('http', '', '', 'on', '', 'http', '', '', 80, true), + array('http', '', 'https://', '', '', 'http', '', '', 80, true), + array('http', 'on', '', '', '', 'http', '', '', 80, true), + array('https', '', '', '', '', 'http', '', '', 80, true), + array('http', '', '', '', '', '', 'https', '', 80, true), + array('http', '', '', '', '', 'https', 'http', '', 80, true), + array('https', '', '', '', '', '', '', '', 80, true), + array('http', '', '', '', '', '', '', '', 8080, false), + array('', '', '', '', '', '', '', 'https://127.0.0.1', 80, true), + array('', '', '', '', '', '', '', 'http://127.0.0.1', 80, false), ); }