Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Enabling the Request object to generate the correct scheme for SSL URI #5846

Merged
merged 2 commits into from

3 participants

@jeffery

Enabling the Request object to generate the correct scheme for SSL URI requests to a web server through an HTTP proxy or load balancer.

HTTP_X_FORWARDED_PROTO request header is sent by load balancers instead of HTTPS to indicate the URI was requested via a secure connection.

An example of this usage is Amazon Elastic Beanstalk applications which can sit behind a load balancer (when autoscaling)

@jeffery jeffery Enabling the Request object to generate the correct scheme for SSL UR…
…I requests to

a webserver through an HTTP proxy or load balance

HTTP_X_FORWARDED_PROTO request header is sent by loadbalancers insted of HTTPS to
indicate the URI was requested via a secure connection.

An example of this useage is Amazon Elastic Beanstalk applications which can sit
behind a load balancer (when autoscaling)
bb61145
library/Zend/Http/PhpEnvironment/Request.php
@@ -251,8 +251,14 @@ public function setServer(ParametersInterface $server)
$uri = new HttpUri();
// URI scheme
- $scheme = (!empty($this->serverParams['HTTPS'])
- && $this->serverParams['HTTPS'] !== 'off') ? 'https' : 'http';
+ if ((!empty($this->serverParams['HTTPS']) && $this->serverParams['HTTPS'] !== 'off')
+ || (!empty($this->serverParams['HTTP_X_FORWARDED_PROTO']) && $this->serverParams['HTTP_X_FORWARDED_PROTO'] == 'https')
+ ) {
+ $scheme = 'https';
+ }
+ else {
+ $scheme = 'http';
@Ocramius Collaborator

Tabs are not allowed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
library/Zend/Http/PhpEnvironment/Request.php
@@ -251,8 +251,14 @@ public function setServer(ParametersInterface $server)
$uri = new HttpUri();
// URI scheme
- $scheme = (!empty($this->serverParams['HTTPS'])
- && $this->serverParams['HTTPS'] !== 'off') ? 'https' : 'http';
+ if ((!empty($this->serverParams['HTTPS']) && $this->serverParams['HTTPS'] !== 'off')
+ || (!empty($this->serverParams['HTTP_X_FORWARDED_PROTO']) && $this->serverParams['HTTP_X_FORWARDED_PROTO'] == 'https')
+ ) {
+ $scheme = 'https';
+ }
+ else {
@Ocramius Collaborator

} else {

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
@jeffery

@Maks3w Could you review this change please.

@Maks3w Maks3w was assigned by jeffery
@Maks3w Maks3w merged commit ef7cc33 into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Feb 20, 2014
  1. @jeffery

    Enabling the Request object to generate the correct scheme for SSL UR…

    jeffery authored
    …I requests to
    
    a webserver through an HTTP proxy or load balance
    
    HTTP_X_FORWARDED_PROTO request header is sent by loadbalancers insted of HTTPS to
    indicate the URI was requested via a secure connection.
    
    An example of this useage is Amazon Elastic Beanstalk applications which can sit
    behind a load balancer (when autoscaling)
  2. @jeffery
This page is out of date. Refresh to see the latest.
View
9 library/Zend/Http/PhpEnvironment/Request.php
@@ -251,8 +251,13 @@ public function setServer(ParametersInterface $server)
$uri = new HttpUri();
// URI scheme
- $scheme = (!empty($this->serverParams['HTTPS'])
- && $this->serverParams['HTTPS'] !== 'off') ? 'https' : 'http';
+ if ((!empty($this->serverParams['HTTPS']) && $this->serverParams['HTTPS'] !== 'off')
+ || (!empty($this->serverParams['HTTP_X_FORWARDED_PROTO']) && $this->serverParams['HTTP_X_FORWARDED_PROTO'] == 'https')
+ ) {
+ $scheme = 'https';
+ } else {
+ $scheme = 'http';
+ }
$uri->setScheme($scheme);
// URI host & port
View
18 tests/ZendTest/Http/PhpEnvironment/RequestTest.php
@@ -387,6 +387,18 @@ public static function serverHostnameProvider()
'443',
'/news',
),
+ // Test for HTTPS requests which are forwarded over a reverse proxy/load balancer
+ array(
+ array(
+ 'SERVER_NAME' => 'test.example.com',
+ 'SERVER_PORT' => '443',
+ 'HTTP_X_FORWARDED_PROTO' => 'https',
+ 'REQUEST_URI' => 'https://test.example.com/news',
+ ),
+ 'test.example.com',
+ '443',
+ '/news',
+ ),
//Test when url quert contains a full http url
array(
@@ -416,6 +428,12 @@ public function testServerHostnameProvider(array $server, $expectedHost, $expect
$host = $request->getUri()->getHost();
$this->assertEquals($expectedHost, $host);
+ $uriParts = parse_url($_SERVER['REQUEST_URI']);
+ if (isset($uriParts['scheme'])) {
+ $scheme = $request->getUri()->getScheme();
+ $this->assertEquals($uriParts['scheme'], $scheme);
+ }
+
$port = $request->getUri()->getPort();
$this->assertEquals($expectedPort, $port);
Something went wrong with that request. Please try again.