summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--_test/tests/inc/init_checkssl.test.php81
-rw-r--r--inc/init.php12
2 files changed, 89 insertions, 4 deletions
diff --git a/_test/tests/inc/init_checkssl.test.php b/_test/tests/inc/init_checkssl.test.php
new file mode 100644
index 000000000..c57d3c37e
--- /dev/null
+++ b/_test/tests/inc/init_checkssl.test.php
@@ -0,0 +1,81 @@
+<?php
+
+class init_checkssl_test extends DokuWikiTest {
+
+ /**
+ * Running behind an SSL proxy, HTTP between server and proxy
+ * HTTPS not set
+ * HTTP_X_FORWARDED_PROTO
+ * set to https
+ */
+ function test1() {
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
+
+ $this->assertEquals(is_ssl(), true);
+ }
+
+ /**
+ * Running behind a plain HTTP proxy, HTTP between server and proxy
+ * HTTPS not set
+ * HTTP_X_FORWARDED_PROTO set to http
+ */
+ function test2() {
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'http';
+
+ $this->assertEquals(is_ssl(), false);
+ }
+
+ /**
+ * Running behind an SSL proxy, HTTP between server and proxy
+ * HTTPS set to off,
+ * HTTP_X_FORWARDED_PROTO set to https
+ */
+ function test3() {
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
+ $_SERVER['HTTPS'] = 'off';
+
+ $this->assertEquals(is_ssl(), true);
+ }
+
+ /**
+ * Not running behind a proxy, HTTPS server
+ * HTTPS set to on,
+ * HTTP_X_FORWARDED_PROTO not set
+ */
+ function test4() {
+ $_SERVER['HTTPS'] = 'on';
+
+ $this->assertEquals(is_ssl(), true);
+ }
+
+ /**
+ * Not running behind a proxy, plain HTTP server
+ * HTTPS not set
+ * HTTP_X_FORWARDED_PROTO not set
+ */
+ function test5() {
+ $this->assertEquals(is_ssl(), false);
+ }
+
+ /**
+ * Not running behind a proxy, plain HTTP server
+ * HTTPS set to off
+ * HTTP_X_FORWARDED_PROTO not set
+ */
+ function test6() {
+ $_SERVER['HTTPS'] = 'off';
+ $this->assertEquals(is_ssl(), false);
+ }
+
+ /**
+ * Running behind an SSL proxy, SSL between proxy and HTTP server
+ * HTTPS set to on,
+ * HTTP_X_FORWARDED_PROTO set to https
+ */
+ function test7() {
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
+ $_SERVER['HTTPS'] = 'on';
+
+ $this->assertEquals(is_ssl(), true);
+ }
+}
diff --git a/inc/init.php b/inc/init.php
index 4ff239787..d825b5250 100644
--- a/inc/init.php
+++ b/inc/init.php
@@ -456,10 +456,6 @@ function getBaseURL($abs=null){
$port = '';
}
- if(!$port && isset($_SERVER['SERVER_PORT'])) {
- $port = $_SERVER['SERVER_PORT'];
- }
-
if(is_null($port)){
$port = '';
}
@@ -490,6 +486,14 @@ function getBaseURL($abs=null){
* @returns bool true when SSL is active
*/
function is_ssl(){
+ // check if we are behind a reverse proxy
+ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+ if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
+ return true;
+ } else {
+ return false;
+ }
+ }
if (!isset($_SERVER['HTTPS']) ||
preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){
return false;
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 05:48:30 +0000