Allow overriding HTTPS

In the case where the proxy does not pass `HTTP_X_FORWARDED_PROTO`, we need a way to explicitly request `https://` scheme on callbacks.

This change adds a constant `FORCE_HTTPS` which can be used to forcibly override automatic detection of HTTPS usage, when set.
This commit is contained in:
Tai Kedzierski 2018-10-24 17:33:09 +01:00
parent 76db7de73c
commit 4242fe2914
3 changed files with 12 additions and 1 deletions

View File

@ -28,7 +28,12 @@ class Utils {
$serverName = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : ''; $serverName = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : '';
$serverPort = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : ''; $serverPort = isset($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : '';
$scheme = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')) ? 'https' : 'http'; $scheme = (
(defined('FORCE_HTTPS') && FORCE_HTTPS === true) ||
(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ||
(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
) ? 'https' : 'http';
$port = in_array($serverPort, ['80', '443'], true) ? '' : ':' . $serverPort; $port = in_array($serverPort, ['80', '443'], true) ? '' : ':' . $serverPort;
$dirname = dirname($_SERVER['SCRIPT_NAME']); $dirname = dirname($_SERVER['SCRIPT_NAME']);
$dirname = $dirname === '\\' ? '/' : $dirname . '/'; $dirname = $dirname === '\\' ? '/' : $dirname . '/';

View File

@ -3,6 +3,7 @@
# Read environment variables or set default values # Read environment variables or set default values
FRAMADATE_CONFIG=${FRAMADATE_CONFIG:-/var/www/framadate/app/inc/config.php} FRAMADATE_CONFIG=${FRAMADATE_CONFIG:-/var/www/framadate/app/inc/config.php}
DOMAIN=${DOMAIN-localhost} DOMAIN=${DOMAIN-localhost}
FORCE_HTTPS=${FORCE_HTTPS-false}
APP_NAME=${APP_NAME-Framadate} APP_NAME=${APP_NAME-Framadate}
ADMIN_MAIL=${ADMIN_MAIL-} ADMIN_MAIL=${ADMIN_MAIL-}
NO_REPLY_MAIL=${NO_REPLY_MAIL-} NO_REPLY_MAIL=${NO_REPLY_MAIL-}
@ -21,6 +22,9 @@ if [ ! -f $FRAMADATE_CONFIG ]; then
if [ ! -z "$DOMAIN" ]; then if [ ! -z "$DOMAIN" ]; then
sed -i -E "s/^(\/\/ )?const APP_URL( )?=.*;/const APP_URL = '$DOMAIN';/g" $FRAMADATE_CONFIG sed -i -E "s/^(\/\/ )?const APP_URL( )?=.*;/const APP_URL = '$DOMAIN';/g" $FRAMADATE_CONFIG
fi fi
if [ "$FORCE_HTTPS" =~ true ]; then
sed -i -E "s/^(\/\/ )?const FORCE_HTTPS\\s*=.*;/const FORCE_HTTPS = true;/" $FRAMADATE_CONFIG
fi
sed -i -E "s/^(\/\/ )?const NOMAPPLICATION( )?=.*;/const NOMAPPLICATION = '$APP_NAME';/g" $FRAMADATE_CONFIG sed -i -E "s/^(\/\/ )?const NOMAPPLICATION( )?=.*;/const NOMAPPLICATION = '$APP_NAME';/g" $FRAMADATE_CONFIG
# Configure mail # Configure mail
sed -i -E "s/^(\/\/ )?const ADRESSEMAILADMIN( )?=.*;/const ADRESSEMAILADMIN = '$ADMIN_MAIL';/g" $FRAMADATE_CONFIG sed -i -E "s/^(\/\/ )?const ADRESSEMAILADMIN( )?=.*;/const ADRESSEMAILADMIN = '$ADMIN_MAIL';/g" $FRAMADATE_CONFIG

View File

@ -22,6 +22,8 @@
// You *have to set this* if you are running Framadate behind a reverse proxy. // You *have to set this* if you are running Framadate behind a reverse proxy.
// const APP_URL = '<www.mydomain.fr>'; // const APP_URL = '<www.mydomain.fr>';
// const FORCE_HTTPS = false;
// Application name // Application name
const NOMAPPLICATION = '{$appName|addslashes_single_quote}'; const NOMAPPLICATION = '{$appName|addslashes_single_quote}';