diff options
| author | Frank Karlitschek <frank@owncloud.org> | 2012-06-01 10:38:44 +0200 |
|---|---|---|
| committer | Frank Karlitschek <frank@owncloud.org> | 2012-06-01 10:38:44 +0200 |
| commit | 24d14783d7b4706a3ad374a2229271f8f422e9cd (patch) | |
| tree | 92496f1e07d1b8e29d818b0c63b6f9e6fcd60304 /lib | |
| parent | baae4c741ded1c702369c1a513b08324a63985f5 (diff) | |
| download | nextcloud-server-24d14783d7b4706a3ad374a2229271f8f422e9cd.tar.gz nextcloud-server-24d14783d7b4706a3ad374a2229271f8f422e9cd.zip | |
added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/base.php | 10 | ||||
| -rw-r--r-- | lib/helper.php | 25 | ||||
| -rw-r--r-- | lib/public/util.php | 10 |
3 files changed, 37 insertions, 8 deletions
diff --git a/lib/base.php b/lib/base.php index fdb682bf503..cb98a6c9e0b 100644 --- a/lib/base.php +++ b/lib/base.php @@ -214,8 +214,8 @@ class OC{ // redirect to https site if configured if( OC_Config::getValue( "forcessl", false )){ ini_set("session.cookie_secure", "on"); - if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') { - $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; + if(OC_Helper::serverProtocol()<>'https') { + $url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI']; header("Location: $url"); exit(); } @@ -376,11 +376,11 @@ class OC{ // CSRF protection if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer=''; - if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://'; + $protocol=OC_Helper::serverProtocol().'://'; if(!self::$CLI){ - $server=$protocol.$_SERVER['SERVER_NAME']; + $server=$protocol.OC_Helper::serverHost(); if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) { - $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php'; + $url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php'; header("Location: $url"); exit(); } diff --git a/lib/helper.php b/lib/helper.php index 537465b15ac..f8f84b91ae3 100644 --- a/lib/helper.php +++ b/lib/helper.php @@ -89,6 +89,27 @@ class OC_Helper { return $host; } + + /** + * @brief Returns the server protocol + * @returns the server protocol + * + * Returns the server protocol. It respects reverse proxy servers and load balancers + */ + public static function serverProtocol() { + if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) { + $proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']); + }else{ + if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) { + $proto = 'https'; + }else{ + $proto = 'http'; + } + } + return($proto); + } + + /** * @brief Creates an absolute url * @param $app app @@ -99,9 +120,7 @@ class OC_Helper { */ public static function linkToAbsolute( $app, $file ) { $urlLinkTo = self::linkTo( $app, $file ); - // Checking if the request was made through HTTPS. The last in line is for IIS - $protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off'); - $urlLinkTo = ($protocol?'https':'http') . '://' . self::serverHost() . $urlLinkTo; + $urlLinkTo = OC_Helper::serverProtocol(). '://' . self::serverHost() . $urlLinkTo; return $urlLinkTo; } diff --git a/lib/public/util.php b/lib/public/util.php index 39a185d02a7..9b499574da1 100644 --- a/lib/public/util.php +++ b/lib/public/util.php @@ -169,6 +169,16 @@ class Util { } /** + * @brief Returns the server protocol + * @returns the server protocol + * + * Returns the server protocol. It respects reverse proxy servers and load balancers + */ + public static function getServerProtocol() { + return(\OC_Helper::serverProtocol()); + } + + /** * @brief Creates path to an image * @param $app app * @param $image image name |