Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243) + fix…

… port check
  • Loading branch information...
commit 5818e44345204e2323781adb87edcfba45e246a8 1 parent d22f4e6
@alecpl alecpl authored
View
1  CHANGELOG
@@ -1,6 +1,7 @@
CHANGELOG RoundCube Webmail
===========================
+- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243)
- Avoid unnecessary page loads for selected tab (#1486032)
- Fix quota indicator issues by content generation on client-size (#1486197, #1486220)
- Don't display disabled sections in Settings (#1486099)
View
2  index.php
@@ -66,7 +66,7 @@
// check if https is required (for login) and redirect if necessary
if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) {
$https_port = is_bool($force_https) ? 443 : $force_https;
- if (!(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == $use_https || $RCMAIL->config->get('use_https'))) {
+ if (!rcube_https_check($https_port)) {
header('Location: https://' . $_SERVER['HTTP_HOST'] . ($https_port != 443 ? ':' . $https_port : '') . $_SERVER['REQUEST_URI']);
exit;
}
View
21 program/include/main.inc
@@ -1401,6 +1401,27 @@ function rcube_html_editor($mode='')
/**
+ * Check if working in SSL mode
+ *
+ * @param integer HTTPS port number
+ * @param boolean Enables 'use_https' option checking
+ */
+function rcube_https_check($port=null, $use_https=true)
+{
+ global $RCMAIL;
+
+ if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')
+ return true;
+ if ($port && $_SERVER['SERVER_PORT'] == $port)
+ return true;
+ if ($use_https && $RCMAIL->config->get('use_https'))
+ return true;
+
+ return false;
+}
+
+
+/**
* E-mail address validation
*/
function check_email($email)
View
2  program/include/rcube_shared.inc
@@ -41,7 +41,7 @@ function send_nocacheing_headers()
header("Pragma: no-cache");
// We need to set the following headers to make downloads work using IE in HTTPS mode.
- if (isset($_SERVER['HTTPS']) || rcmail::get_instance()->config->get('use_https')) {
+ if (rcube_https_check()) {
header('Pragma: ');
header('Cache-Control: ');
}
Please sign in to comment.
Something went wrong with that request. Please try again.