Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

ENHANCEMENT: Ensure that forceSSL and protocol detection respects the…

… X-Forwarded-Protocol header.
  • Loading branch information...
commit 921bf9a4395b4625478e1851230ed3e170ae91a0 1 parent bf4476a
@sminnee sminnee authored
Showing with 2 additions and 1 deletion.
  1. +2 −1  core/control/Director.php
View
3  core/control/Director.php
@@ -397,6 +397,7 @@ static function protocolAndHost() {
* @return String
*/
static function protocol() {
+ if(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https') return "https://";
return (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 'https://' : 'http://';
}
@@ -646,7 +647,7 @@ static function forceSSL($patterns = null) {
$matched = true;
}
- if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off')) {
+ if($matched && (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') && !(isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) == 'https')) {
$destURL = str_replace('http:', 'https:', Director::absoluteURL($_SERVER['REQUEST_URI']));
// This coupling to SapphireTest is necessary to test the destination URL and to not interfere with tests
Please sign in to comment.
Something went wrong with that request. Please try again.