Skip to content


Piwik SSL detection should also read proxy ssl header: HTTP_X_FORWARDED_PROTO #3572

mattab opened this Issue · 2 comments

2 participants

Piwik Open Source Analytics member

For example, the Page Overlay report does not work over SSL on the demo because the _SERVER[is not set but _SERVER'HTTP_X_FORWARDED_PROTO' is

Piwik Open Source Analytics member

(In [7534]) Fixes #3572 Refs #2465 Overlay work on SSL on demo! NICE!


Probably doesn't matter here, but the reason I didn't include X-Forwarded-Proto is because it's non-standard and can be spoofed. Other variations are X-Forwarded-Ssl and X-Forwarded-Scheme. Hence "assume_secure_protocol".

@mattab mattab added this to the 1.10 - Piwik 1.10 milestone
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.