diff options
| author | ArthurHoaro <arthur@hoa.ro> | 2017-11-17 19:04:14 +0100 |
|---|---|---|
| committer | ArthurHoaro <arthur@hoa.ro> | 2017-12-02 15:24:35 +0100 |
| commit | 8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a (patch) | |
| tree | b2ae47ccad12f412a39b2b34cfa2556ce2ad5658 /application | |
| parent | 844be5d55610f21e078f3325a1e4e20f41e5abb5 (diff) | |
| download | Shaarli-8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a.tar.gz Shaarli-8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a.tar.zst Shaarli-8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a.zip | |
Force HTTPS if the original port is 443 behind a reverse proxy
Fixes #1022
Diffstat (limited to 'application')
| -rw-r--r-- | application/HttpUtils.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php index 00835966..c6181df4 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php | |||
| @@ -302,6 +302,13 @@ function server_url($server) | |||
| 302 | $port = $server['HTTP_X_FORWARDED_PORT']; | 302 | $port = $server['HTTP_X_FORWARDED_PORT']; |
| 303 | } | 303 | } |
| 304 | 304 | ||
| 305 | // This is a workaround for proxies that don't forward the scheme properly. | ||
| 306 | // Connecting over port 443 has to be in HTTPS. | ||
| 307 | // See https://github.com/shaarli/Shaarli/issues/1022 | ||
| 308 | if ($port == '443') { | ||
| 309 | $scheme = 'https'; | ||
| 310 | } | ||
| 311 | |||
| 305 | if (($scheme == 'http' && $port != '80') | 312 | if (($scheme == 'http' && $port != '80') |
| 306 | || ($scheme == 'https' && $port != '443') | 313 | || ($scheme == 'https' && $port != '443') |
| 307 | ) { | 314 | ) { |