HTTPS through reverse proxy - Unclassified NewsBoard

nicoduck

2012-06-24, 15:15 #1

Member since May 2007 · 9 posts
Group memberships: Members

Show profile ·

Link to this post

Subject: HTTPS through reverse proxy

Hi,

I have a reverse proxy for https in front of my UNB installation. Since the header $_SERVER['HTTPS'] is not set, UNB returns http:// urls, instead of https://
Replacing

if ($_SERVER['HTTPS'] == 'on')

with

if ($_SERVER['HTTPS'] == 'on' or $_SERVER['HTTP_X_FORWARDED_PROTO']=='https')

in unb_lib/common_out.lib.php solves that problem.

Would it be better to manipulate the $_SERVER['HTTPS'] variable in one of the include files with

if ($_SERVER['HTTP_X_FORWARDED_PROTO']=='https') $_SERVER['HTTPS'] == 'on';

?

If it possible to include that enhancement in one of the further releases?

nico

Yves (Administrator) 2012-06-24, 18:09 #2

User title: UNB developer & webmaster
Member since Jan 2004 · 3855 posts · Location: Erlangen, Germany
Group memberships: Administrators, Members

Show profile ·

Link to this post

I think it looks better to check the other value instead of manipulating the original value.

Can you provide me a link to some documentation or standards that defines that HTTP_X_FORWARDED_PROTO value? I couldn't find it. If it's no common variable, I'd consider it your local customisation and not a default UNB feature. Otherwise if it's more widespread, I may include it in the core.

♪ ...nanananah, all in all we’re just brilliant thieves, nanananah... ♪♬