added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer
parent
670022cc8a
commit
0d2d613f59
16
lib/base.php
16
lib/base.php
|
@ -210,12 +210,10 @@ class OC{
|
||||||
// redirect to https site if configured
|
// redirect to https site if configured
|
||||||
if( OC_Config::getValue( "forcessl", false )){
|
if( OC_Config::getValue( "forcessl", false )){
|
||||||
ini_set("session.cookie_secure", "on");
|
ini_set("session.cookie_secure", "on");
|
||||||
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
|
if(OC_Helper::serverProtocol()<>'https') {
|
||||||
if(!isset($_SERVER['HTTP_X_FORWARDED_PROTO']) or $_SERVER['HTTP_X_FORWARDED_PROTO']=='http') {
|
$url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI'];
|
||||||
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
header("Location: $url");
|
||||||
header("Location: $url");
|
exit();
|
||||||
exit();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -373,10 +371,10 @@ class OC{
|
||||||
|
|
||||||
// CSRF protection
|
// CSRF protection
|
||||||
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
|
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
|
||||||
if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://';
|
$protocol=OC_Helper::serverProtocol().'://';
|
||||||
$server=$protocol.$_SERVER['SERVER_NAME'];
|
$server=$protocol.OC_Helper::serverHost();
|
||||||
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
|
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
|
||||||
$url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php';
|
$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
|
||||||
header("Location: $url");
|
header("Location: $url");
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
|
|
|
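Review bot: The redirect target in the CSRF hunk is built with the wrong helper. `$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';` repeats the scheme and drops the host, so a rejected POST is redirected to something like `https://https/index.php` instead of the instance. It should be `$url = $server.OC::$WEBROOT.'/index.php';`, reusing the value built two lines above. Separately, `substr($referer,0,strlen($server))<>$server` is a prefix match, so a Referer whose host merely begins with the server name still passes; comparing against `$server.'/'` would tighten it. The enclosing method starts and ends outside the hunk.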
@ -89,6 +89,26 @@ class OC_Helper {
|
||||||
return $host;
|
return $host;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief Returns the server protocol
|
||||||
|
* @returns the server protocol
|
||||||
|
*
|
||||||
|
* Returns the server protocol. It respects reverse proxy servers and load balancers
|
||||||
|
*/
|
||||||
|
public static function serverProtocol() {
|
||||||
|
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
|
||||||
|
$proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
|
||||||
|
}else{
|
||||||
|
if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
|
||||||
|
$proto = 'https';
|
||||||
|
}else{
|
||||||
|
$proto = 'http';
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return($proto);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Creates an absolute url
|
* @brief Creates an absolute url
|
||||||
* @param $app app
|
* @param $app app
|
||||||
|
@ -99,9 +119,7 @@ class OC_Helper {
|
||||||
*/
|
*/
|
||||||
public static function linkToAbsolute( $app, $file ) {
|
public static function linkToAbsolute( $app, $file ) {
|
||||||
$urlLinkTo = self::linkTo( $app, $file );
|
$urlLinkTo = self::linkTo( $app, $file );
|
||||||
// Checking if the request was made through HTTPS. The last in line is for IIS
|
$urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
|
||||||
$protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off');
|
|
||||||
$urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo;
|
|
||||||
return $urlLinkTo;
|
return $urlLinkTo;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
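Review bot: `serverProtocol()` returns `$_SERVER['HTTP_X_FORWARDED_PROTO']` whenever the header is present, without checking that the request came through a proxy or that the value is `http` or `https`. On an instance that is reachable directly, the client supplies that header, so a plain-HTTP request can claim `https` and skip the `forcessl` redirect in lib/base.php. An arbitrary lower-cased string also ends up as the scheme in `linkToAbsolute()` URLs and in the CSRF origin comparison. I would honour the header only when the deployment declares that it sits behind a trusted proxy (no such setting is visible on this page, so it would have to be added) and accept only the two known schemes, falling through to the `$_SERVER['HTTPS']` test otherwise. The docblock should state this trust assumption, and `@returns` should be `@return string`.

```php
public static function serverProtocol() {
	// Only trust the forwarded scheme when it is one of the two values we expect;
	// anything else falls through to the local TLS check below.
	// … add here: skip this branch unless the request arrived via a configured trusted proxy …
	if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
		$forwarded = strtolower(trim($_SERVER['HTTP_X_FORWARDED_PROTO']));
		if ($forwarded === 'http' || $forwarded === 'https') {
			return $forwarded;
		}
	}
	// … unchanged: $_SERVER['HTTPS'] test selecting 'https' or 'http' …
}
```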
@ -168,6 +168,18 @@ class Util {
|
||||||
return(\OC_Helper::serverHost());
|
return(\OC_Helper::serverHost());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @brief Returns the server protocol
|
||||||
|
* @returns the server protocol
|
||||||
|
*
|
||||||
|
* Returns the server protocol. It respects reverse proxy servers and load balancers
|
||||||
|
*/
|
||||||
|
public static function getServerProtocol() {
|
||||||
|
return(\OC_Helper::serverProtocol());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Creates path to an image
|
* @brief Creates path to an image
|
||||||
* @param $app app
|
* @param $app app
|
||||||
|
|
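Review bot: The docblock on `getServerProtocol()` does not tell app authors what they get back. It should say that the return value is the bare scheme without `://`, and that `\OC_Helper::serverProtocol()` may take it from the `X-Forwarded-Proto` request header, so apps should not base a security decision on it unless the proxy in front of the instance is trusted. `@returns` is not a PHPDoc tag; use `@return string`. The enclosing class continues outside the hunk.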