diff options
author | ArthurHoaro <arthur@hoa.ro> | 2017-08-25 19:47:57 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2017-09-02 13:50:49 +0200 |
commit | a3130d2c2f27052710d4dbd51d0001190b19b383 (patch) | |
tree | 8a8d86ce757ac0796c6bf8b0e3546fed872d2088 /application/HttpUtils.php | |
parent | 2a1292359b79ec77257583ea9d97891dfd2ddb1b (diff) | |
download | Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.gz Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.zst Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.zip |
Make work behind a reverse proxy
Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
Diffstat (limited to 'application/HttpUtils.php')
-rw-r--r-- | application/HttpUtils.php | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php index 88a1efdb..00835966 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php | |||
@@ -401,3 +401,31 @@ function getIpAddressFromProxy($server, $trustedIps) | |||
401 | 401 | ||
402 | return array_pop($ips); | 402 | return array_pop($ips); |
403 | } | 403 | } |
404 | |||
405 | /** | ||
406 | * Returns true if Shaarli's currently browsed in HTTPS. | ||
407 | * Supports reverse proxies (if the headers are correctly set). | ||
408 | * | ||
409 | * @param array $server $_SERVER. | ||
410 | * | ||
411 | * @return bool true if HTTPS, false otherwise. | ||
412 | */ | ||
413 | function is_https($server) | ||
414 | { | ||
415 | |||
416 | if (isset($server['HTTP_X_FORWARDED_PORT'])) { | ||
417 | // Keep forwarded port | ||
418 | if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) { | ||
419 | $ports = explode(',', $server['HTTP_X_FORWARDED_PORT']); | ||
420 | $port = trim($ports[0]); | ||
421 | } else { | ||
422 | $port = $server['HTTP_X_FORWARDED_PORT']; | ||
423 | } | ||
424 | |||
425 | if ($port == '443') { | ||
426 | return true; | ||
427 | } | ||
428 | } | ||
429 | |||
430 | return ! empty($server['HTTPS']); | ||
431 | } | ||