// redirect to https site if configured
if( OC_Config::getValue( "forcessl", false )){
ini_set("session.cookie_secure", "on");
- if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
- $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+ if(OC_Helper::serverProtocol()<>'https') {
+ $url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI'];
header("Location: $url");
exit();
}
// CSRF protection
if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
- if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://';
+ $protocol=OC_Helper::serverProtocol().'://';
if(!self::$CLI){
- $server=$protocol.$_SERVER['SERVER_NAME'];
+ $server=$protocol.OC_Helper::serverHost();
if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
- $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php';
+ $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php';
header("Location: $url");
exit();
}
return $host;
}
+
+ /**
+ * @brief Returns the server protocol
+ * @returns the server protocol
+ *
+ * Returns the server protocol. It respects reverse proxy servers and load balancers
+ */
+ public static function serverProtocol() {
+ if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+ $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
+ }else{
+ if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
+ $proto = 'https';
+ }else{
+ $proto = 'http';
+ }
+ }
+ return($proto);
+ }
+
+
/**
* @brief Creates an absolute url
* @param $app app
*/
public static function linkToAbsolute( $app, $file ) {
$urlLinkTo = self::linkTo( $app, $file );
- // Checking if the request was made through HTTPS. The last in line is for IIS
- $protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off');
- $urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo;
+ $urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo;
return $urlLinkTo;
}
return(\OC_Helper::serverHost());
}
+ /**
+ * @brief Returns the server protocol
+ * @returns the server protocol
+ *
+ * Returns the server protocol. It respects reverse proxy servers and load balancers
+ */
+ public static function getServerProtocol() {
+ return(\OC_Helper::serverProtocol());
+ }
+
/**
* @brief Creates path to an image
* @param $app app
projects / nextcloud-server.git / commitdiff