adding X-Forwarded-Proto support in is_ssl()
This commit adds support for X-Forwarded-Proto in case dokuwiki runs behind a reverse (SSL) proxy, but the connection between the proxy and the web server running dokuwki is plain HTTP. If an authenticated user is accidentaly dropped to HTTP from HTTPS the securecookie setting should be honored and the redirection when saving or canceling a page edit should point to the correct protocol. This happens every time a user hits cancel after editing a page, and likely even after saving. If the webserver doesn't enforce HTTPS the coockie might be sent in clear.
This commit is contained in:
parent
61b8aeed46
commit
19738e6513
12
inc/init.php
12
inc/init.php
|
@ -456,10 +456,6 @@ function getBaseURL($abs=null){
|
|||
$port = '';
|
||||
}
|
||||
|
||||
if(!$port && isset($_SERVER['SERVER_PORT'])) {
|
||||
$port = $_SERVER['SERVER_PORT'];
|
||||
}
|
||||
|
||||
if(is_null($port)){
|
||||
$port = '';
|
||||
}
|
||||
|
@ -490,6 +486,14 @@ function getBaseURL($abs=null){
|
|||
* @returns bool true when SSL is active
|
||||
*/
|
||||
function is_ssl(){
|
||||
// check if we are behind a reverse proxy
|
||||
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
|
||||
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
if (!isset($_SERVER['HTTPS']) ||
|
||||
preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){
|
||||
return false;
|
||||
|
|
Loading…
Reference in New Issue