Skip to content

Loading…

Piwik SSL detection should also read proxy ssl header: HTTP_X_FORWARDED_PROTO #3572

Closed
mattab opened this Issue · 2 comments

2 participants

@mattab
Piwik Open Source Analytics member

For example, the Page Overlay report does not work over SSL on the demo because the _SERVER[is not set but _SERVER'HTTP_X_FORWARDED_PROTO' is

@mattab
Piwik Open Source Analytics member

(In [7534]) Fixes #3572 Refs #2465 Overlay work on SSL on demo! NICE!

@robocoder

Probably doesn't matter here, but the reason I didn't include X-Forwarded-Proto is because it's non-standard and can be spoofed. Other variations are X-Forwarded-Ssl and X-Forwarded-Scheme. Hence "assume_secure_protocol".

@mattab mattab added this to the 1.10 - Piwik 1.10 milestone
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.