From 711ea1534769c19e3bf3c40c79388ab287f8604b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mike=20Schw=C3=B6rer?= Date: Sat, 26 Aug 2023 21:47:09 +0200 Subject: [PATCH] Fix https redirects behind reverse-proxy --- www/internals/utils.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/www/internals/utils.php b/www/internals/utils.php index 46228a0..0eff6b7 100644 --- a/www/internals/utils.php +++ b/www/internals/utils.php @@ -222,7 +222,11 @@ function getRandomToken($length = 32) function isHTTPRequest() { - return (!isset($_SERVER['HTTPS'])) || empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"; + if (isset($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTOCOL']) === "https" ) return false; + + if (isset($_SERVER['HTTPS']) && (!empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== "off")) return false; + + return true; } function str_max_len(string $str, int $max)