From 8e4be773685f7dff074f23e2df13072577091f44 Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Tue, 3 Jan 2017 14:17:05 +0100 Subject: Hide default port in local URL behind a reverse proxy --- tests/HttpUtils/ServerUrlTest.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'tests/HttpUtils/ServerUrlTest.php') diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index 8a55a220..7fdad659 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php @@ -68,6 +68,19 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase ) ); + $this->assertEquals( + 'https://host.tld', + server_url( + array( + 'HTTPS' => 'Off', + 'SERVER_NAME' => 'host.tld', + 'SERVER_PORT' => '80', + 'HTTP_X_FORWARDED_PROTO' => 'https', + 'HTTP_X_FORWARDED_PORT' => '443' + ) + ) + ); + $this->assertEquals( 'https://host.tld:4974', server_url( -- cgit v1.2.3 From 0b51ea72517efa8731348cfaed410c71cb2bfd91 Mon Sep 17 00:00:00 2001 From: Stephen Muth Date: Wed, 12 Jul 2017 17:57:47 +0000 Subject: Add tests to cover new server_url behavior --- tests/HttpUtils/ServerUrlTest.php | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'tests/HttpUtils/ServerUrlTest.php') diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index 7fdad659..dac02b3e 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php @@ -38,6 +38,34 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase ); } + /** + * Detect a Proxy that sets Forwarded-Host + */ + public function testHttpsProxyForwardedHost() + { + $this->assertEquals( + 'https://host.tld:8080', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https', + 'HTTP_X_FORWARDED_PORT' => '8080', + 'HTTP_X_FORWARDED_HOST' => 'host.tld' + ) + ) + ); + + $this->assertEquals( + 'https://host.tld:4974', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https, https', + 'HTTP_X_FORWARDED_PORT' => '4974, 80', + 'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com' + ) + ) + ); + } + /** * Detect a Proxy with SSL enabled */ -- cgit v1.2.3 From 8e9fc6f6e6afc052a2c3b2d459764cc9ab20420a Mon Sep 17 00:00:00 2001 From: ArthurHoaro Date: Fri, 17 Nov 2017 19:04:14 +0100 Subject: Force HTTPS if the original port is 443 behind a reverse proxy Fixes #1022 --- tests/HttpUtils/ServerUrlTest.php | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) (limited to 'tests/HttpUtils/ServerUrlTest.php') diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index dac02b3e..324b827a 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php @@ -186,4 +186,36 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase ) ); } + + /** + * Misconfigured server (see #1022): Proxy HTTP but 443 + */ + public function testHttpWithPort433() + { + $this->assertEquals( + 'https://host.tld', + server_url( + array( + 'HTTPS' => 'Off', + 'SERVER_NAME' => 'host.tld', + 'SERVER_PORT' => '80', + 'HTTP_X_FORWARDED_PROTO' => 'http', + 'HTTP_X_FORWARDED_PORT' => '443' + ) + ) + ); + + $this->assertEquals( + 'https://host.tld', + server_url( + array( + 'HTTPS' => 'Off', + 'SERVER_NAME' => 'host.tld', + 'SERVER_PORT' => '80', + 'HTTP_X_FORWARDED_PROTO' => 'https, http', + 'HTTP_X_FORWARDED_PORT' => '443, 80' + ) + ) + ); + } } -- cgit v1.2.3