From 7b114771d337af3bfd51d8fda1e8f2fd5b39535d Mon Sep 17 00:00:00 2001 From: Fanch Date: Tue, 1 Sep 2015 13:37:04 +0200 Subject: SSL detection: add support for `X-Forwarded-Proto` Duplicates #332 See: - RFC 7239 - Forwarded HTTP Extension http://www.ietf.org/rfc/rfc7239.txt - RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols http://www.ietf.org/rfc/rfc6648.txt - StackOverflow - Custom HTTP headers: naming conventions http://stackoverflow.com/a/3561399 --- index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.php b/index.php index 61d92f04..7818ee88 100755 --- a/index.php +++ b/index.php @@ -463,7 +463,7 @@ if (isset($_POST['login'])) // You can append $_SERVER['SCRIPT_NAME'] to get the current script URL. function serverUrl() { - $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection. + $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443' || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); // HTTPS detection. $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]); return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport; } -- cgit v1.2.3