From 8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a Mon Sep 17 00:00:00 2001
From: ArthurHoaro <arthur@hoa.ro>
Date: Fri, 17 Nov 2017 19:04:14 +0100
Subject: Force HTTPS if the original port is 443 behind a reverse proxy

Fixes #1022
---
 application/HttpUtils.php | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'application/HttpUtils.php')

diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index 00835966..c6181df4 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -302,6 +302,13 @@ function server_url($server)
                 $port = $server['HTTP_X_FORWARDED_PORT'];
             }
 
+            // This is a workaround for proxies that don't forward the scheme properly.
+            // Connecting over port 443 has to be in HTTPS.
+            // See https://github.com/shaarli/Shaarli/issues/1022
+            if ($port == '443') {
+                $scheme = 'https';
+            }
+
             if (($scheme == 'http' && $port != '80')
                 || ($scheme == 'https' && $port != '443')
             ) {
-- 
cgit v1.2.3