diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2014-09-26 11:11:44 +0200 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2014-09-26 11:11:44 +0200 |
| commit | c3c7c422c0b6c95bd04bfa0a0db74a3fcac73edb (patch) | |
| tree | 7b6556b24d93ea304bad256a2f9ae7be0d933e84 | |
| parent | cdb157d1be96e399fcf2f1ed4917457e1ec94c74 (diff) | |
| parent | c42f789c87b115a747a7436d81e7aee886d0ac88 (diff) | |
| download | rpg-c3c7c422c0b6c95bd04bfa0a0db74a3fcac73edb.tar.gz rpg-c3c7c422c0b6c95bd04bfa0a0db74a3fcac73edb.tar.bz2 | |
Merge pull request #799 from enricotagliavini/master
Adding X-Forwarded-Proto support
| -rw-r--r-- | _test/tests/inc/init_checkssl.test.php | 81 | ||||
| -rw-r--r-- | inc/init.php | 12 |
2 files changed, 89 insertions, 4 deletions
diff --git a/_test/tests/inc/init_checkssl.test.php b/_test/tests/inc/init_checkssl.test.php new file mode 100644 index 000000000..c57d3c37e --- /dev/null +++ b/_test/tests/inc/init_checkssl.test.php @@ -0,0 +1,81 @@ +<?php + +class init_checkssl_test extends DokuWikiTest { + + /** + * Running behind an SSL proxy, HTTP between server and proxy + * HTTPS not set + * HTTP_X_FORWARDED_PROTO + * set to https + */ + function test1() { + $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https'; + + $this->assertEquals(is_ssl(), true); + } + + /** + * Running behind a plain HTTP proxy, HTTP between server and proxy + * HTTPS not set + * HTTP_X_FORWARDED_PROTO set to http + */ + function test2() { + $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'http'; + + $this->assertEquals(is_ssl(), false); + } + + /** + * Running behind an SSL proxy, HTTP between server and proxy + * HTTPS set to off, + * HTTP_X_FORWARDED_PROTO set to https + */ + function test3() { + $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https'; + $_SERVER['HTTPS'] = 'off'; + + $this->assertEquals(is_ssl(), true); + } + + /** + * Not running behind a proxy, HTTPS server + * HTTPS set to on, + * HTTP_X_FORWARDED_PROTO not set + */ + function test4() { + $_SERVER['HTTPS'] = 'on'; + + $this->assertEquals(is_ssl(), true); + } + + /** + * Not running behind a proxy, plain HTTP server + * HTTPS not set + * HTTP_X_FORWARDED_PROTO not set + */ + function test5() { + $this->assertEquals(is_ssl(), false); + } + + /** + * Not running behind a proxy, plain HTTP server + * HTTPS set to off + * HTTP_X_FORWARDED_PROTO not set + */ + function test6() { + $_SERVER['HTTPS'] = 'off'; + $this->assertEquals(is_ssl(), false); + } + + /** + * Running behind an SSL proxy, SSL between proxy and HTTP server + * HTTPS set to on, + * HTTP_X_FORWARDED_PROTO set to https + */ + function test7() { + $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https'; + $_SERVER['HTTPS'] = 'on'; + + $this->assertEquals(is_ssl(), true); + } +} diff --git a/inc/init.php b/inc/init.php index 4ff239787..d825b5250 100644 --- a/inc/init.php +++ b/inc/init.php @@ -456,10 +456,6 @@ function getBaseURL($abs=null){ $port = ''; } - if(!$port && isset($_SERVER['SERVER_PORT'])) { - $port = $_SERVER['SERVER_PORT']; - } - if(is_null($port)){ $port = ''; } @@ -490,6 +486,14 @@ function getBaseURL($abs=null){ * @returns bool true when SSL is active */ function is_ssl(){ + // check if we are behind a reverse proxy + if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { + if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') { + return true; + } else { + return false; + } + } if (!isset($_SERVER['HTTPS']) || preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){ return false; |