added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer

Frank Karlitschek 2012-06-01 11:06:49 +02:00
parent 670022cc8a
commit 0d2d613f59
3 changed files with 40 additions and 12 deletions


@ -210,12 +210,10 @@ class OC{
// redirect to https site if configured // redirect to https site if configured
if( OC_Config::getValue( "forcessl", false )){ if( OC_Config::getValue( "forcessl", false )){
ini_set("session.cookie_secure", "on"); ini_set("session.cookie_secure", "on");
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { if(OC_Helper::serverProtocol()<>'https') {
if(!isset($_SERVER['HTTP_X_FORWARDED_PROTO']) or $_SERVER['HTTP_X_FORWARDED_PROTO']=='http') { $url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI'];
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; header("Location: $url");
header("Location: $url"); exit();
exit();
}
} }
} }
} }
@ -373,10 +371,10 @@ class OC{
// CSRF protection // CSRF protection
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://'; $protocol=OC_Helper::serverProtocol().'://';
$server=$protocol.$_SERVER['SERVER_NAME']; $server=$protocol.OC_Helper::serverHost();
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
$url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php'; $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
header("Location: $url"); header("Location: $url");
exit(); exit();
} }
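Review bot: The redirect in the CSRF block of the second hunk concatenates the scheme twice: `$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';` produces `https://https/...` with no host, so a POST rejected by the Referer check is sent to a broken location. It should reuse the origin built two lines above, `$url = $server.OC::$WEBROOT.'/index.php';`. Separately, the forcessl test `<>'https'` and the Referer prefix comparison now take the scheme from `serverProtocol()`, which reads a request header, so both checks are only as trustworthy as that header. The enclosing method starts and ends outside both hunks.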


@ -89,6 +89,26 @@ class OC_Helper {
return $host; return $host;
} }
/**
* @brief Returns the server protocol
* @returns the server protocol
*
* Returns the server protocol. It respects reverse proxy servers and load balancers
*/
public static function serverProtocol() {
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
$proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
}else{
if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
$proto = 'https';
}else{
$proto = 'http';
}
}
return($proto);
}
/** /**
* @brief Creates an absolute url * @brief Creates an absolute url
* @param $app app * @param $app app
@ -99,9 +119,7 @@ class OC_Helper {
*/ */
public static function linkToAbsolute( $app, $file ) { public static function linkToAbsolute( $app, $file ) {
$urlLinkTo = self::linkTo( $app, $file ); $urlLinkTo = self::linkTo( $app, $file );
// Checking if the request was made through HTTPS. The last in line is for IIS $urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
$protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off');
$urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo;
return $urlLinkTo; return $urlLinkTo;
} }
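Review bot: `serverProtocol()` returns the `X-Forwarded-Proto` request header (lowercased) whenever it is present, without checking that the request came through a proxy the operator controls and without limiting the value to `http` or `https`. On a deployment with no proxy, or with one that does not overwrite the header, the client chooses the value. It then feeds the forcessl redirect decision, the Referer comparison and the URLs built in `linkToAbsolute()`. I would honour the header only when `REMOTE_ADDR` is in an admin-configured proxy list and accept only the two known schemes, falling back to `$_SERVER['HTTPS']` otherwise. The config key in the sketch below is a placeholder, since no such setting is visible on this page.

```php
public static function serverProtocol() {
	// 'PLACEHOLDER_trusted_proxies' is a placeholder key, not an existing setting.
	$proxies = OC_Config::getValue( 'PLACEHOLDER_trusted_proxies', array() );
	$peer = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
	// Only a listed proxy may tell us which scheme the client used.
	if (in_array($peer, $proxies, true) and isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
		$forwarded = strtolower(trim($_SERVER['HTTP_X_FORWARDED_PROTO']));
		if ($forwarded === 'https' or $forwarded === 'http') {
			return $forwarded;
		}
	}
	// … unchanged: $_SERVER['HTTPS'] fallback and return($proto) …
}
```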


@ -168,6 +168,18 @@ class Util {
return(\OC_Helper::serverHost()); return(\OC_Helper::serverHost());
} }
/**
* @brief Returns the server protocol
* @returns the server protocol
*
* Returns the server protocol. It respects reverse proxy servers and load balancers
*/
public static function getServerProtocol() {
return(\OC_Helper::serverProtocol());
}
/** /**
* @brief Creates path to an image * @brief Creates path to an image
* @param $app app * @param $app app
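Review bot: The docblock on `getServerProtocol()` uses `@returns`, which is not the standard PHPDoc tag, and gives neither a type nor the possible values. `@return string` with the expected values spelled out would tell app authors what to compare against. Because this is the public API, the description should also say where the value comes from, e.g. `* May be taken from the X-Forwarded-Proto header when present.`, so apps do not read it as proof that the connection was encrypted. The hunk's trailing context cuts into the next method's docblock.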