clean http_pwd forging

osaajani 2023-05-29 21:53:09 +02:00
parent 62eb897589
commit 7014f3da68
1 changed files with 17 additions and 29 deletions


@ -5,40 +5,28 @@
* Define Descartes env * Define Descartes env
*/ */
$http_dir_path = '/raspisms'; //Path we need to put after servername in url to access app $http_dir_path = '/raspisms'; //Path we need to put after servername in url to access app
$https = $_SERVER['HTTPS'] ?? 0;
if ((isset($_SERVER['HTTPS']) && (($_SERVER['HTTPS'] == 'on') || ($_SERVER['HTTPS'] == '1'))) || (isset($_SERVER['HTTPS']) && $_SERVER['SERVER_PORT'] == 443)) { // Check for proxy forward
// Our server uses HTTPS $forwarded_https = ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? $_SERVER['HTTP_FORWARDED_PROTO'] ?? NULL) == 'https';
$https = true; $forwarded_ssl = ($_SERVER['HTTP_X_FORWARDED_SSL'] ?? NULL) == 'on';
$http_proxy = false; $proxy = $forwarded_https || $forwarded_ssl;
$http_protocol = 'https://';
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') { $http_protocol = 'http://';
// We are behind a HTTPS proxy if ($https)
$https = true;
$http_proxy = true;
$http_protocol = 'https://';
// Don't bother to advertise port behind a proxy server
} else {
// Standard HTTP
$https = false;
$http_proxy = false;
$http_protocol = 'http://';
}
$http_server_name = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : 'localhost';
if (!isset($_SERVER['SERVER_PORT']) || ($_SERVER['SERVER_PORT'] == 80 && !$https) || ($_SERVER['SERVER_PORT'] == 443 && $https) || $http_proxy)
{ {
$http_server_port = ''; $http_protocol = 'https://';
}
else
{
$http_server_port = ':' . $_SERVER['SERVER_PORT'];
} }
$pwd = substr(__DIR__, 0, strrpos(__DIR__, '/')); $http_server_name = $_SERVER['SERVER_NAME'] ?? 'localhost';
$http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path;
// Check port to only set it if not default port
$port = $_SERVER['SERVER_PORT'] ?? '';
$port = ($port == 80 && !$https) ? '' : $port;
$port = ($port == 443 && $https) ? '' : $port;
$port = $proxy ? '' : $port;
$http_server_port = $port ? ':' . $port : '';
$pwd = substr(__DIR__, 0, strrpos(__DIR__, '/')); $pwd = substr(__DIR__, 0, strrpos(__DIR__, '/'));
$http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path; $http_pwd = $http_protocol . $http_server_name . $http_server_port . $http_dir_path;
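Review bot: `$http_protocol` is now derived from `$https` alone, so the `$proxy` flag computed from the forwarded headers only suppresses the port and no longer selects `https://`. Behind a TLS-terminating proxy `$http_pwd` would come out with an `http://` scheme, where the removed `elseif` branch produced `https://` (this is read from the new side of a rendering that has lost its +/- markers); if that is not intended, `if ($https || $proxy)` restores it. Separately, `$https = $_SERVER['HTTPS'] ?? 0;` followed by a truthiness test treats the value `'off'`, which some server setups report for plain HTTP, as HTTPS. The removed code compared against `'on'` and `'1'`, which could be kept as `$https = in_array($_SERVER['HTTPS'] ?? '', ['on', '1'], true);`. The `X-Forwarded-*` values are request headers that any client can send, so they should only be honoured when the request arrives from a configured proxy address, and a comment saying so above `// Check for proxy forward` would help.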