opensourcemirror
/
dokuwiki
mirror of https://github.com/splitbrain/dokuwiki.git
1
0
Fork 0
Code Issues Releases Wiki Activity

adding X-Forwarded-Proto support in is_ssl() 

This commit adds support for X-Forwarded-Proto in case dokuwiki runs
behind a reverse (SSL) proxy, but the connection between the proxy and
the web server running dokuwki is plain HTTP. If an authenticated
user is accidentaly dropped to HTTP from HTTPS the securecookie setting
should be honored and the redirection when saving or canceling a page
edit should point to the correct protocol. This happens every time a
user hits cancel after editing a page, and likely even after saving. If
the webserver doesn't enforce HTTPS the coockie might be sent in clear.
This commit is contained in:
Enrico Tagliavini 2014-07-12 23:26:45 +02:00
parent 61b8aeed46
commit 19738e6513
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
inc/init.php
View File

@ -456,10 +456,6 @@ function getBaseURL($abs=null){
$port = '';
}
if(!$port && isset($_SERVER['SERVER_PORT'])) {
$port = $_SERVER['SERVER_PORT'];
}
if(is_null($port)){
$port = '';
}
@ -490,6 +486,14 @@ function getBaseURL($abs=null){
* @returns bool true when SSL is active
*/
function is_ssl(){
// check if we are behind a reverse proxy
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
return true;
} else {
return false;
}
}
if (!isset($_SERVER['HTTPS']) ||
preg_match('/^(|off|false|disabled)$/i',$_SERVER['HTTPS'])){
return false;