From: Jaroslav Škarvada Date: Wed, 5 Mar 2014 11:03:17 +0000 (+0100) Subject: Fix HTTPS protocol detection X-Git-Tag: 1.31.0-rc.0~12664 X-Git-Url: http://git.cyclocoop.org/%22%20.%20generer_url_ecrire%28%22articles%22%2C%22id_article=%24id_article%22%29%20.%20%22?a=commitdiff_plain;h=89a5f17463dba70cbb9d5b9edbf797af965317e1;p=lhc%2Fweb%2Fwiklou.git Fix HTTPS protocol detection According to PHP documentation: http://www.php.net/manual/en/reserved.variables.server.php The $_SERVER['HTTPS'] is set to a non-empty value if the script was queried through the HTTPS protocol. There is also note that for ISAPI with IIS, the value is set to 'off' if the request was not made through the HTTPS protocol. To follow the PHP documentation the $_SERVER['HTTPS'] == 'on' doesn't seem to be the correct way how to detect the HTTPS protocol (there maybe e.g. '1' instead of 'on'). Bug: 46511 Change-Id: I5675fed9b7d54711b96b25702181112ef3692f3c --- diff --git a/includes/WebRequest.php b/includes/WebRequest.php index e931f286a4..f86a45494e 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -207,9 +207,9 @@ class WebRequest { * @return array */ public static function detectProtocol() { - if ( ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) || + if ( ( !empty( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] !== 'off' ) || ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) && - $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) ) { + $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https' ) ) { return 'https'; } else { return 'http';