From 6a0c35d4f646478a50a84343bba82e2235244b79 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Tue, 10 Jul 2007 06:00:11 +0000 Subject: [PATCH] Added ability to detect HTTP_X_FORWARDED_PROTO in get_location(), thanks to Daniel Watts git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@12516 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- ChangeLog | 2 ++ functions/strings.php | 7 ++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 4ab60254..0127e344 100644 --- a/ChangeLog +++ b/ChangeLog @@ -202,6 +202,8 @@ Version 1.5.2 - SVN for reporting these issues. [CVE-2007-1262] - Fix busy loop and notice when two literals in IMAP fetch (#1739433). - Resolved issue with compose session not being updated after send/safe. + - Added ability to detect HTTP_X_FORWARDED_PROTO in get_location(), + thanks to Daniel Watts Version 1.5.1 (branched on 2006-02-12) -------------------------------------- diff --git a/functions/strings.php b/functions/strings.php index eff1ba66..650c0f79 100644 --- a/functions/strings.php +++ b/functions/strings.php @@ -496,11 +496,15 @@ function get_location () { /* * If you have 'SSLOptions +StdEnvVars' in your apache config * OR if you have HTTPS=on in your HTTP_SERVER_VARS + * OR if you have HTTP_X_FORWARDED_PROTO=https in your HTTP_SERVER_VARS * OR if you are on port 443 */ $getEnvVar = getenv('HTTPS'); + if (!sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER)) + $forwarded_proto = ''; if ((isset($getEnvVar) && strcasecmp($getEnvVar, 'on') === 0) || (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && strcasecmp($https_on, 'on') === 0) || + (strcasecmp($forwarded_proto, 'https') === 0) || (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) && $server_port == 443)) { $proto = 'https://'; } @@ -518,7 +522,8 @@ function get_location () { if (! strstr($host, ':')) { if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) { if (($server_port != 80 && $proto == 'http://') || - ($server_port != 443 && $proto == 'https://')) { + ($server_port != 443 && $proto == 'https://' && + $forwarded_proto != 'https')) { $port = sprintf(':%d', $server_port); } } -- 2.25.1