added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer
This commit is contained in:
parent
baae4c741d
commit
24d14783d7
10
lib/base.php
10
lib/base.php
|
@ -214,8 +214,8 @@ class OC{
|
|||
// redirect to https site if configured
|
||||
if( OC_Config::getValue( "forcessl", false )){
|
||||
ini_set("session.cookie_secure", "on");
|
||||
if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
|
||||
$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
|
||||
if(OC_Helper::serverProtocol()<>'https') {
|
||||
$url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI'];
|
||||
header("Location: $url");
|
||||
exit();
|
||||
}
|
||||
|
@ -376,11 +376,11 @@ class OC{
|
|||
|
||||
// CSRF protection
|
||||
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
|
||||
if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://';
|
||||
$protocol=OC_Helper::serverProtocol().'://';
|
||||
if(!self::$CLI){
|
||||
$server=$protocol.$_SERVER['SERVER_NAME'];
|
||||
$server=$protocol.OC_Helper::serverHost();
|
||||
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
|
||||
$url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php';
|
||||
$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
|
||||
header("Location: $url");
|
||||
exit();
|
||||
}
|
||||
|
|
|
@ -89,6 +89,27 @@ class OC_Helper {
|
|||
return $host;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @brief Returns the server protocol
|
||||
* @returns the server protocol
|
||||
*
|
||||
* Returns the server protocol. It respects reverse proxy servers and load balancers
|
||||
*/
|
||||
public static function serverProtocol() {
|
||||
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
|
||||
$proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
|
||||
}else{
|
||||
if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
|
||||
$proto = 'https';
|
||||
}else{
|
||||
$proto = 'http';
|
||||
}
|
||||
}
|
||||
return($proto);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @brief Creates an absolute url
|
||||
* @param $app app
|
||||
|
@ -99,9 +120,7 @@ class OC_Helper {
|
|||
*/
|
||||
public static function linkToAbsolute( $app, $file ) {
|
||||
$urlLinkTo = self::linkTo( $app, $file );
|
||||
// Checking if the request was made through HTTPS. The last in line is for IIS
|
||||
$protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off');
|
||||
$urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo;
|
||||
$urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
|
||||
return $urlLinkTo;
|
||||
}
|
||||
|
||||
|
|
|
@ -168,6 +168,16 @@ class Util {
|
|||
return(\OC_Helper::serverHost());
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Returns the server protocol
|
||||
* @returns the server protocol
|
||||
*
|
||||
* Returns the server protocol. It respects reverse proxy servers and load balancers
|
||||
*/
|
||||
public static function getServerProtocol() {
|
||||
return(\OC_Helper::serverProtocol());
|
||||
}
|
||||
|
||||
/**
|
||||
* @brief Creates path to an image
|
||||
* @param $app app
|
||||
|
|
Loading…
Reference in New Issue