Merge pull request #199 from deajan/make_https_easier

Make HTTPS proxies work
This commit is contained in:
Pierre-Lin Bonnemaison 2023-05-29 21:27:16 +02:00 committed by GitHub
commit 62eb897589
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 5 deletions

View File

@ -3,3 +3,7 @@ RewriteRule ^assets - [L]
RewriteRule ^.well-known - [L] RewriteRule ^.well-known - [L]
RewriteRule ^data/public/ - [L] RewriteRule ^data/public/ - [L]
RewriteRule . index.php RewriteRule . index.php
<IfModule headers_module>
Header always set Content-Security-Policy "upgrade-insecure-requests;"
</ifModule>

View File

@ -5,12 +5,28 @@
* Define Descartes env * Define Descartes env
*/ */
$http_dir_path = '/raspisms'; //Path we need to put after servername in url to access app $http_dir_path = '/raspisms'; //Path we need to put after servername in url to access app
$http_protocol = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://';
$http_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost';
$http_server_port = isset($_SERVER['SERVER_PORT']) ? ($_SERVER['SERVER_PORT'] == 80) ? '' : ':' . $_SERVER['SERVER_PORT'] : '';
$https = $_SERVER['HTTPS'] ?? false;
if ( !isset($_SERVER['SERVER_PORT']) || ($_SERVER['SERVER_PORT'] == 80 && !$https) || ($_SERVER['SERVER_PORT'] == 443 && $https) ) if ((isset($_SERVER['HTTPS']) && (($_SERVER['HTTPS'] == 'on') || ($_SERVER['HTTPS'] == '1'))) || (isset($_SERVER['HTTPS']) && $_SERVER['SERVER_PORT'] == 443)) {
// Our server uses HTTPS
$https = true;
$http_proxy = false;
$http_protocol = 'https://';
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') {
// We are behind a HTTPS proxy
$https = true;
$http_proxy = true;
$http_protocol = 'https://';
// Don't bother to advertise port behind a proxy server
} else {
// Standard HTTP
$https = false;
$http_proxy = false;
$http_protocol = 'http://';
}
$http_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost';
if (!isset($_SERVER['SERVER_PORT']) || ($_SERVER['SERVER_PORT'] == 80 && !$https) || ($_SERVER['SERVER_PORT'] == 443 && $https) || $http_proxy)
{ {
$http_server_port = ''; $http_server_port = '';
} }
@ -19,6 +35,10 @@
$http_server_port = ':' . $_SERVER['SERVER_PORT']; $http_server_port = ':' . $_SERVER['SERVER_PORT'];
} }
$pwd = substr(__DIR__, 0, strrpos(__DIR__, '/'));
$http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path;
$pwd = substr(__DIR__, 0, strrpos(__DIR__, '/')); $pwd = substr(__DIR__, 0, strrpos(__DIR__, '/'));
$http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path; $http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path;