Commit 9661d218 authored by Francois Marier's avatar Francois Marier

Fix infinite redirect loops when running on https

This partly reverts commit b8ff08c6
which was done to fix bug #829674.

The is_https() function should only be used when checking for the
presence of https in the wwwroot.

Change-Id: Ifeec5422e26b8a7205baf2816a99c7a77b33b933
Signed-off-by: default avatarFrancois Marier <francois@catalyst.net.nz>
parent aff1ab49
......@@ -160,7 +160,7 @@ catch (SQLException $e) {
// Make sure wwwroot is set and available, either in the database or in the
// config file. Cron requires it when sending out forums emails.
if (!isset($CFG->wwwroot) && isset($_SERVER['HTTP_HOST'])) {
$proto = is_https() === true ? 'https://' : 'http://';
$proto = (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') ? 'https://' : 'http://';
$host = (isset($_SERVER['HTTP_X_FORWARDED_HOST'])) ? $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER['HTTP_HOST'];
if (false !== strpos($host, ',')) {
list($host) = explode(',', $host);
......@@ -212,12 +212,13 @@ if (isset($CFG->wwwroot)) {
}
// If we're forcing an ssl proxy, make sure the wwwroot is correct
if ($CFG->sslproxy === true && is_https() === false) {
if ($CFG->sslproxy == true && parse_url($CFG->wwwroot, PHP_URL_SCHEME) !== 'https') {
throw new ConfigSanityException(get_string('wwwrootnothttps', 'error', get_config('wwwroot')));
}
// Make sure that we are using ssl if wwwroot expects us to do so
if ($CFG->sslproxy === false && isset($_SERVER['REMOTE_ADDR']) && is_https() === true){
if ($CFG->sslproxy === false && isset($_SERVER['REMOTE_ADDR']) && (!isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) == 'off') &&
parse_url($CFG->wwwroot, PHP_URL_SCHEME) === 'https'){
redirect(get_relative_script_path());
}
if (!isset($CFG->noreplyaddress) && isset($_SERVER['HTTP_HOST'])) {
......
......@@ -2543,8 +2543,10 @@ function get_full_script_path() {
}
}
if (is_https() === true || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443' )) {
$protocol = 'https://';
if (isset($_SERVER['HTTPS'])) {
$protocol = ($_SERVER['HTTPS'] == 'on') ? 'https://' : 'http://';
} else if (isset($_SERVER['SERVER_PORT'])) { # Apache2 does not export $_SERVER['HTTPS']
$protocol = ($_SERVER['SERVER_PORT'] == '443') ? 'https://' : 'http://';
} else {
$protocol = 'http://';
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment