X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=application%2FHttpUtils.php;h=c9371b55c5cc6ddacd9a888984889a466075b63a;hb=12db590e8fe53c46ca2ee81c240f1d671881a139;hp=a81f90565fb3b79349981cadb049de3a2fe2d6aa;hpb=ee6f4b64a91d76070f930cdf7602ab4686714c7a;p=github%2Fshaarli%2FShaarli.git

diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index a81f9056..c9371b55 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -76,7 +76,7 @@ function get_http_response($url, $timeout = 30, $maxBytes = 4194304)
     curl_setopt($ch, CURLOPT_USERAGENT,         $userAgent);
 
     // Max download size management
-    curl_setopt($ch, CURLOPT_BUFFERSIZE,        1024);
+    curl_setopt($ch, CURLOPT_BUFFERSIZE,        1024*16);
     curl_setopt($ch, CURLOPT_NOPROGRESS,        false);
     curl_setopt($ch, CURLOPT_PROGRESSFUNCTION,
         function($arg0, $arg1, $arg2, $arg3, $arg4 = 0) use ($maxBytes)
@@ -302,6 +302,13 @@ function server_url($server)
                 $port = $server['HTTP_X_FORWARDED_PORT'];
             }
 
+            // This is a workaround for proxies that don't forward the scheme properly.
+            // Connecting over port 443 has to be in HTTPS.
+            // See https://github.com/shaarli/Shaarli/issues/1022
+            if ($port == '443') {
+                $scheme = 'https';
+            }
+
             if (($scheme == 'http' && $port != '80')
                 || ($scheme == 'https' && $port != '443')
             ) {
@@ -311,7 +318,19 @@ function server_url($server)
             }
         }
 
-        return $scheme.'://'.$server['SERVER_NAME'].$port;
+        if (isset($server['HTTP_X_FORWARDED_HOST'])) {
+            // Keep forwarded host
+            if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
+                $hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']);
+                $host = trim($hosts[0]);
+            } else {
+                $host = $server['HTTP_X_FORWARDED_HOST'];
+            }
+        } else {
+            $host = $server['SERVER_NAME'];
+        }
+
+        return $scheme.'://'.$host.$port;
     }
 
     // SSL detection
@@ -389,3 +408,31 @@ function getIpAddressFromProxy($server, $trustedIps)
 
     return array_pop($ips);
 }
+
+/**
+ * Returns true if Shaarli's currently browsed in HTTPS.
+ * Supports reverse proxies (if the headers are correctly set).
+ *
+ * @param array $server $_SERVER.
+ *
+ * @return bool true if HTTPS, false otherwise.
+ */
+function is_https($server)
+{
+
+    if (isset($server['HTTP_X_FORWARDED_PORT'])) {
+        // Keep forwarded port
+        if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) {
+            $ports = explode(',', $server['HTTP_X_FORWARDED_PORT']);
+            $port = trim($ports[0]);
+        } else {
+            $port = $server['HTTP_X_FORWARDED_PORT'];
+        }
+
+        if ($port == '443') {
+            return true;
+        }
+    }
+
+    return ! empty($server['HTTPS']);
+}