- Added PHP 5.1.0 date_default_timezone_set() function support. Allows
to use time zone settings in PHP safe_mode.
- Sanitized IMAP folder names in error_message() function and filters plugin.
+ - Take X-Forwarded-Host HTTP header in consideration when constructing
+ base_uri for redirects; reduces problems with transparent proxies
+ (#1488590).
Version 1.5.1 (branched on 2006-02-12)
--------------------------------------
* OR if you are on port 443
*/
$getEnvVar = getenv('HTTPS');
- if ((isset($getEnvVar) && !strcasecmp($getEnvVar, 'on')) ||
- (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && !strcasecmp($https_on, 'on')) ||
+ if ((isset($getEnvVar) && strcasecmp($getEnvVar, 'on') === 0) ||
+ (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && strcasecmp($https_on, 'on') === 0) ||
(sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) && $server_port == 443)) {
$proto = 'https://';
}
/* Get the hostname from the Host header or server config. */
- if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
- if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
- $host = '';
- }
+ if ( !sqgetGlobalVar('HTTP_X_FORWARDED_HOST', $host, SQ_SERVER) || empty($host) ) {
+ if ( !sqgetGlobalVar('HTTP_HOST', $host, SQ_SERVER) || empty($host) ) {
+ if ( !sqgetGlobalVar('SERVER_NAME', $host, SQ_SERVER) || empty($host) ) {
+ $host = '';
+ }
+ }
}
$port = '';
projects / squirrelmail.git / commitdiff