aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--application/HttpUtils.php28
-rw-r--r--index.php6
-rw-r--r--tests/HttpUtils/IsHttpsTest.php36
-rw-r--r--tpl/default/js/shaarli.js3
4 files changed, 69 insertions, 4 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index 88a1efdb..00835966 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -401,3 +401,31 @@ function getIpAddressFromProxy($server, $trustedIps)
401 401
402 return array_pop($ips); 402 return array_pop($ips);
403} 403}
404
405/**
406 * Returns true if Shaarli's currently browsed in HTTPS.
407 * Supports reverse proxies (if the headers are correctly set).
408 *
409 * @param array $server $_SERVER.
410 *
411 * @return bool true if HTTPS, false otherwise.
412 */
413function is_https($server)
414{
415
416 if (isset($server['HTTP_X_FORWARDED_PORT'])) {
417 // Keep forwarded port
418 if (strpos($server['HTTP_X_FORWARDED_PORT'], ',') !== false) {
419 $ports = explode(',', $server['HTTP_X_FORWARDED_PORT']);
420 $port = trim($ports[0]);
421 } else {
422 $port = $server['HTTP_X_FORWARDED_PORT'];
423 }
424
425 if ($port == '443') {
426 return true;
427 }
428 }
429
430 return ! empty($server['HTTPS']);
431}
diff --git a/index.php b/index.php
index 07470a08..218d317d 100644
--- a/index.php
+++ b/index.php
@@ -1065,10 +1065,10 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
1065 // -------- Display the Tools menu if requested (import/export/bookmarklet...) 1065 // -------- Display the Tools menu if requested (import/export/bookmarklet...)
1066 if ($targetPage == Router::$PAGE_TOOLS) 1066 if ($targetPage == Router::$PAGE_TOOLS)
1067 { 1067 {
1068 $data = array( 1068 $data = [
1069 'pageabsaddr' => index_url($_SERVER), 1069 'pageabsaddr' => index_url($_SERVER),
1070 'sslenabled' => !empty($_SERVER['HTTPS']) 1070 'sslenabled' => is_https($_SERVER),
1071 ); 1071 ];
1072 $pluginManager->executeHooks('render_tools', $data); 1072 $pluginManager->executeHooks('render_tools', $data);
1073 1073
1074 foreach ($data as $key => $value) { 1074 foreach ($data as $key => $value) {
diff --git a/tests/HttpUtils/IsHttpsTest.php b/tests/HttpUtils/IsHttpsTest.php
new file mode 100644
index 00000000..097f2bcf
--- /dev/null
+++ b/tests/HttpUtils/IsHttpsTest.php
@@ -0,0 +1,36 @@
1<?php
2
3
4/**
5 * Class IsHttpsTest
6 *
7 * Test class for is_https() function.
8 */
9class IsHttpsTest extends PHPUnit_Framework_TestCase
10{
11
12 /**
13 * Test is_https with HTTPS values.
14 */
15 public function testIsHttpsTrue()
16 {
17 $this->assertTrue(is_https(['HTTPS' => true]));
18 $this->assertTrue(is_https(['HTTPS' => '1']));
19 $this->assertTrue(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => 443]));
20 $this->assertTrue(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => '443']));
21 $this->assertTrue(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => '443,123,456,']));
22 }
23
24 /**
25 * Test is_https with HTTP values.
26 */
27 public function testIsHttpsFalse()
28 {
29 $this->assertFalse(is_https([]));
30 $this->assertFalse(is_https(['HTTPS' => false]));
31 $this->assertFalse(is_https(['HTTPS' => '0']));
32 $this->assertFalse(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => 123]));
33 $this->assertFalse(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => '123']));
34 $this->assertFalse(is_https(['HTTPS' => false, 'HTTP_X_FORWARDED_PORT' => ',123,456,']));
35 }
36}
diff --git a/tpl/default/js/shaarli.js b/tpl/default/js/shaarli.js
index f38ba62f..1c66ebbd 100644
--- a/tpl/default/js/shaarli.js
+++ b/tpl/default/js/shaarli.js
@@ -607,10 +607,11 @@ function htmlEntities(str)
607function activateFirefoxSocial(node) { 607function activateFirefoxSocial(node) {
608 var loc = location.href; 608 var loc = location.href;
609 var baseURL = loc.substring(0, loc.lastIndexOf("/") + 1); 609 var baseURL = loc.substring(0, loc.lastIndexOf("/") + 1);
610 var title = document.title;
610 611
611 // Keeping the data separated (ie. not in the DOM) so that it's maintainable and diffable. 612 // Keeping the data separated (ie. not in the DOM) so that it's maintainable and diffable.
612 var data = { 613 var data = {
613 name: "{$shaarlititle}", 614 name: title,
614 description: "The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community.", 615 description: "The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community.",
615 author: "Shaarli", 616 author: "Shaarli",
616 version: "1.0.0", 617 version: "1.0.0",