diff options
| author | Frank Karlitschek <frank@owncloud.org> | 2012-06-01 10:38:44 +0200 |
|---|---|---|
| committer | Frank Karlitschek <frank@owncloud.org> | 2012-06-01 10:38:44 +0200 |
| commit | 24d14783d7b4706a3ad374a2229271f8f422e9cd (patch) | |
| tree | 92496f1e07d1b8e29d818b0c63b6f9e6fcd60304 /lib/base.php | |
| parent | baae4c741ded1c702369c1a513b08324a63985f5 (diff) | |
| download | nextcloud-server-24d14783d7b4706a3ad374a2229271f8f422e9cd.tar.gz nextcloud-server-24d14783d7b4706a3ad374a2229271f8f422e9cd.zip | |
added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer
Diffstat (limited to 'lib/base.php')
| -rw-r--r-- | lib/base.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/lib/base.php b/lib/base.php index fdb682bf503..cb98a6c9e0b 100644 --- a/lib/base.php +++ b/lib/base.php @@ -214,8 +214,8 @@ class OC{ // redirect to https site if configured if( OC_Config::getValue( "forcessl", false )){ ini_set("session.cookie_secure", "on"); - if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { - $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + if(OC_Helper::serverProtocol()<>'https') { + $url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI']; header("Location: $url"); exit(); } @@ -376,11 +376,11 @@ class OC{ // CSRF protection if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; - if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://'; + $protocol=OC_Helper::serverProtocol().'://'; if(!self::$CLI){ - $server=$protocol.$_SERVER['SERVER_NAME']; + $server=$protocol.OC_Helper::serverHost(); if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { - $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php'; + $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php'; header("Location: $url"); exit(); } |