Make work behind a reverse proxy

Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
author: ArthurHoaro <arthur@hoa.ro> 2017-08-25 19:47:57 +0200
committer: ArthurHoaro <arthur@hoa.ro> 2017-09-02 13:50:49 +0200
commit: a3130d2c2f27052710d4dbd51d0001190b19b383 (patch)
tree: 8a8d86ce757ac0796c6bf8b0e3546fed872d2088 /application
parent: 2a1292359b79ec77257583ea9d97891dfd2ddb1b (diff)
download: Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.gz
Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.zst
Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.zip
1 files changed, 28 insertions, 0 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index 88a1efdb..00835966 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -401,3 +401,31 @@ function getIpAddressFromProxy($server, $trustedIps)
    return array_pop($ips);
 }
+/**
+ * Returns true if Shaarli's currently browsed in HTTPS.
+ * Supports reverse proxies (if the headers are correctly set).
+ *
+ * @param array $server $_SERVER.
+ *
+ * @return bool true if HTTPS, false otherwise.
+ */
+function is_https($server)
+{
+    if (isset($server['HTTP_X_FORWARDED_PORT'])) {
+        // Keep forwarded port
+        if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) {
+            $ports = explode(',', $server['HTTP_X_FORWARDED_PORT']);
+            $port = trim($ports[0]);
+        } else {
+            $port = $server['HTTP_X_FORWARDED_PORT'];
+        }
+        if ($port == '443') {
+            return true;
+        }
+    }
+    return ! empty($server['HTTPS']);
+}
author	ArthurHoaro <arthur@hoa.ro>	2017-08-25 19:47:57 +0200
committer	ArthurHoaro <arthur@hoa.ro>	2017-09-02 13:50:49 +0200
commit	a3130d2c2f27052710d4dbd51d0001190b19b383 (patch)
tree	8a8d86ce757ac0796c6bf8b0e3546fed872d2088 /application
parent	2a1292359b79ec77257583ea9d97891dfd2ddb1b (diff)
download	Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.gz Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.tar.zst Shaarli-a3130d2c2f27052710d4dbd51d0001190b19b383.zip

diff --git a/application/HttpUtils.php b/application/HttpUtils.php index 88a1efdb..00835966 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php
@@ -401,3 +401,31 @@ function getIpAddressFromProxy($server, $trustedIps)
401		401
402	return array_pop($ips);	402	return array_pop($ips);
403	}	403	}
		404
		405	/**
		406	* Returns true if Shaarli's currently browsed in HTTPS.
		407	* Supports reverse proxies (if the headers are correctly set).
		408	*
		409	* @param array $server $_SERVER.
		410	*
		411	* @return bool true if HTTPS, false otherwise.
		412	*/
		413	function is_https($server)
		414	{
		415
		416	if (isset($server['HTTP_X_FORWARDED_PORT'])) {
		417	// Keep forwarded port
		418	if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) {
		419	$ports = explode(',', $server['HTTP_X_FORWARDED_PORT']);
		420	$port = trim($ports[0]);
		421	} else {
		422	$port = $server['HTTP_X_FORWARDED_PORT'];
		423	}
		424
		425	if ($port == '443') {
		426	return true;
		427	}
		428	}
		429
		430	return ! empty($server['HTTPS']);
		431	}