aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
diff options
context:
space:
mode:
authorArthurHoaro <arthur@hoa.ro>2017-08-25 19:47:57 +0200
committerArthurHoaro <arthur@hoa.ro>2017-09-02 13:50:49 +0200
commita3130d2c2f27052710d4dbd51d0001190b19b383 (patch)
tree8a8d86ce757ac0796c6bf8b0e3546fed872d2088 /application
parent2a1292359b79ec77257583ea9d97891dfd2ddb1b (diff)
downloadShaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.gz
Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.zst
Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.zip
Make work behind a reverse proxy
Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
Diffstat (limited to 'application')
-rw-r--r--application/HttpUtils.php28
1 files changed, 28 insertions, 0 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index 88a1efdb..00835966 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -401,3 +401,31 @@ function getIpAddressFromProxy($server, $trustedIps)
401 401
402 return array_pop($ips); 402 return array_pop($ips);
403} 403}
404
405/**
406 * Returns true if Shaarli's currently browsed in HTTPS.
407 * Supports reverse proxies (if the headers are correctly set).
408 *
409 * @param array $server $_SERVER.
410 *
411 * @return bool true if HTTPS, false otherwise.
412 */
413function is_https($server)
414{
415
416 if (isset($server['HTTP_X_FORWARDED_PORT'])) {
417 // Keep forwarded port
418 if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) {
419 $ports = explode(',', $server['HTTP_X_FORWARDED_PORT']);
420 $port = trim($ports[0]);
421 } else {
422 $port = $server['HTTP_X_FORWARDED_PORT'];
423 }
424
425 if ($port == '443') {
426 return true;
427 }
428 }
429
430 return ! empty($server['HTTPS']);
431}