adding X-Forwarded-Proto support in is_ssl()

This commit adds support for X-Forwarded-Proto in case dokuwiki runs
behind a reverse (SSL) proxy, but the connection between the proxy and
the web server running dokuwki is plain HTTP. If an authenticated
user is accidentaly dropped to HTTP from HTTPS the securecookie setting
should be honored and the redirection when saving or canceling a page
edit should point to the correct protocol. This happens every time a
user hits cancel after editing a page, and likely even after saving. If
the webserver doesn't enforce HTTPS the coockie might be sent in clear.

1 files changed, 8 insertions, 4 deletions

diff --git a/inc/init.php b/inc/init.php
index 4ff239787..d825b5250 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -456,10 +456,6 @@ function getBaseURL($abs=null){
         $port = '';
     }
 
-    if(!$port && isset($_SERVER['SERVER_PORT'])) {
-        $port = $_SERVER['SERVER_PORT'];
-    }
-
     if(is_null($port)){
         $port = '';
     }
@@ -490,6 +486,14 @@ function getBaseURL($abs=null){
  * @returns bool true when SSL is active
  */
 function is_ssl(){
+    // check if we are behind a reverse proxy
+    if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+        if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
+	    return true;
+	} else {
+	    return false;
+	}
+    }
     if (!isset($_SERVER['HTTPS']) ||
         preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){
         return false;