3 files changed, 44 insertions, 4 deletions

diff --git a/docs/01_setup.mkd b/docs/01_setup.mkd
index 6d6f7271..6558207a 100644
--- a/docs/01_setup.mkd
+++ b/docs/01_setup.mkd
@@ -156,6 +156,10 @@ ProxyPreserveHost On
 # If your httpd frontend is https but you are proxying http Gitblit WAR or GO

 #Header edit Location ^http://([^⁄]+)/gitblit/ https://$1/gitblit/

 

+# Additionally you will want to tell Gitblit the original scheme and port

+#Header set X-Forwarded-Proto https

+#Header set X-Forwarded-Port 443

+

 #ProxyPass /gitblit ajp://localhost:8009/gitblit

 %ENDCODE%  

 **Please** make sure to:  

diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index 4e4ee99f..fd50ea57 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -11,6 +11,7 @@ If you are updating from an 0.9.x release AND you have indexed branches with the
 

 #### fixes

 

+- Repository URL uses `X-Forwarded-Proto` and `X-Forwarded-Port`, if available, for reverse proxy configurations (issue 115)

 - Fixes to relative path determination in repository searh algorithm for symlinks (issue 116)

 - Output real RAW content, not simulated RAW content (issue 114)

 - Fixed Lucene charset encoding bug when reindexing a repository (issue 112)

diff --git a/src/com/gitblit/utils/HttpUtils.java b/src/com/gitblit/utils/HttpUtils.java
index 079d1a6b..3903f8c7 100644
--- a/src/com/gitblit/utils/HttpUtils.java
+++ b/src/com/gitblit/utils/HttpUtils.java
@@ -32,13 +32,48 @@ public class HttpUtils {
 	 * @return the host url

 	 */

 	public static String getGitblitURL(HttpServletRequest request) {

+		// default to the request scheme and port

+		String scheme = request.getScheme();

+		int port = request.getServerPort();

+

+		// try to use reverse-proxy server's port

+        String forwardedPort = request.getHeader("X-Forwarded-Port");

+        if (StringUtils.isEmpty(forwardedPort)) {

+        	forwardedPort = request.getHeader("X_Forwarded_Port");

+        }

+        if (!StringUtils.isEmpty(forwardedPort)) {

+        	// reverse-proxy server has supplied the original port

+        	try {

+        		port = Integer.parseInt(forwardedPort);

+        	} catch (Throwable t) {

+        	}

+        }

+        

+		// try to use reverse-proxy server's scheme

+        String forwardedScheme = request.getHeader("X-Forwarded-Proto");

+        if (StringUtils.isEmpty(forwardedScheme)) {

+        	forwardedScheme = request.getHeader("X_Forwarded_Proto");

+        }

+        if (!StringUtils.isEmpty(forwardedScheme)) {

+        	// reverse-proxy server has supplied the original scheme

+        	scheme = forwardedScheme;

+        	

+        	if ("https".equals(scheme) && port == 80) {

+        		// proxy server is https, inside server is 80

+        		// this is likely because the proxy server has not supplied

+        		// x-forwarded-port. since 80 is almost definitely wrong,

+        		// make an educated guess that 443 is correct.

+        		port = 443;

+        	}

+        }

+        

 		StringBuilder sb = new StringBuilder();

-		sb.append(request.getScheme());

+		sb.append(scheme);

 		sb.append("://");

 		sb.append(request.getServerName());

-		if ((request.getScheme().equals("http") && request.getServerPort() != 80)

-				|| (request.getScheme().equals("https") && request.getServerPort() != 443)) {

-			sb.append(":" + request.getServerPort());

+		if (("http".equals(scheme) && port != 80)

+				|| ("https".equals(scheme) && port != 443)) {

+			sb.append(":" + port);

 		}

 		sb.append(request.getContextPath());

 		return sb.toString();