added a serverProtocol function that correctly returns the used protocol even if the ssl connection is terminated at a reverse_proxy or at a load balancer

13 years ago · 0d2d613f59
parent 670022cc8a
commit 0d2d613f59
3 changed files with 40 additions and 12 deletions
--- a/lib/base.php
+++ b/lib/base.php
@ -210,12 +210,10 @@ class OC{
 		// redirect to https site if configured
 		if( OC_Config::getValue( "forcessl", false )){
 			ini_set("session.cookie_secure", "on");
-			if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
-				if(!isset($_SERVER['HTTP_X_FORWARDED_PROTO']) or $_SERVER['HTTP_X_FORWARDED_PROTO']=='http') {
-					$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
-					header("Location: $url");
-					exit();
-				}
+			if(OC_Helper::serverProtocol()<>'https') {
+				$url = "https://". OC_Helper::serverHost() . $_SERVER['REQUEST_URI'];
+				header("Location: $url");
+				exit();
 			}
 		}
 	}
@ -373,10 +371,10 @@ class OC{

                // CSRF protection
                if(isset($_SERVER['HTTP_REFERER'])) $referer=$_SERVER['HTTP_REFERER']; else $referer='';
-                if(isset($_SERVER['HTTPS']) and $_SERVER['HTTPS']<>'') $protocol='https://'; else $protocol='http://';
-                $server=$protocol.$_SERVER['SERVER_NAME'];
+                $protocol=OC_Helper::serverProtocol().'://'; 
+		$server=$protocol.OC_Helper::serverHost();
                if(($_SERVER['REQUEST_METHOD']=='POST') and (substr($referer,0,strlen($server))<>$server)) {
-                        $url = $protocol.$_SERVER['SERVER_NAME'].OC::$WEBROOT.'/index.php';
+			$url = $protocol.OC_Helper::serverProtocol().OC::$WEBROOT.'/index.php'; 
                        header("Location: $url");
                        exit();
                } 
--- a/lib/helper.php
+++ b/lib/helper.php
@ -89,6 +89,26 @@ class OC_Helper {
 		return $host;
 	}

+        /**
+         * @brief Returns the server protocol
+         * @returns the server protocol
+         *
+         * Returns the server protocol. It respects reverse proxy servers and load balancers
+         */
+	public static function serverProtocol() {
+		if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+			$proto = strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']);
+		}else{
+			if(isset($_SERVER['HTTPS']) and !empty($_SERVER['HTTPS']) and ($_SERVER['HTTPS']!='off')) {
+				$proto = 'https';
+			}else{
+				$proto = 'http';
+			}
+		}
+		return($proto);
+	}
+	
+
 	/**
 	 * @brief Creates an absolute url
 	 * @param $app app
@ -99,9 +119,7 @@ class OC_Helper {
 	 */
 	public static function linkToAbsolute( $app, $file ) {
 		$urlLinkTo = self::linkTo( $app, $file );
-		// Checking if the request was made through HTTPS. The last in line is for IIS
-		$protocol = isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS']!='off');
-		$urlLinkTo = ($protocol?'https':'http') . '://'  . self::serverHost() . $urlLinkTo;
+		$urlLinkTo = OC_Helper::serverProtocol(). '://'  . self::serverHost() . $urlLinkTo;
 		return $urlLinkTo;
 	}

--- a/lib/public/util.php
+++ b/lib/public/util.php
@ -168,6 +168,18 @@ class Util {
 		return(\OC_Helper::serverHost());
 	}

+
+	/**
+	 * @brief Returns the server protocol
+	 * @returns the server protocol
+	 *
+	 * Returns the server protocol. It respects reverse proxy servers and load balancers
+	 */
+	 public static function getServerProtocol() {
+		return(\OC_Helper::serverProtocol());
+	}
+
+
 	/**
 	 * @brief Creates path to an image
 	 * @param $app app