From 5d370c7e9606ca01047509aff34d71dc8cf80b42 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Wed, 12 Dec 2012 02:37:15 +0100
Subject: [PATCH] Fix: force redirect to https could not work for some environments
---
 htdocs/conf/conf.php.example | 7 +++++--
 htdocs/main.inc.php | 13 +++++++++----
 2 files changed, 14 insertions(+), 6 deletions(-)
diff --git a/htdocs/conf/conf.php.example b/htdocs/conf/conf.php.example
index dd006d7755e..98cb5e96dc3 100644
--- a/htdocs/conf/conf.php.example
+++ b/htdocs/conf/conf.php.example
@@ -197,11 +197,14 @@ $dolibarr_main_authentication='dolibarr';
 //##################
 // dolibarr_main_force_https
-// This parameter allows to force the HTTPS mode.
+// This parameter allows to force the HTTPS mode.
+// 0 = No forced redirect
+// 1 = Force redirect to https until SCRIPT_URI start with https
+// 2 = Force redirect to https until SERVER["HTTPS"] is 'on'
 // Warning: If you enable this parameter, your web server must be configured
 // to respond URL with https protocol.
 // Default value: 0
-// Possible values: 0 or 1
+// Possible values: 0, 1 or 2
 // Examples:
 // $dolibarr_main_force_https='0';
 //
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 2a13c7f19e5..0daf63ff750 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -196,9 +196,9 @@ if (isset($_SERVER["HTTP_USER_AGENT"]))
 if (! empty($conf->file->main_force_https))
 {
 $newurl='';
- if ($conf->file->main_force_https == '1')
+ if (is_numeric($conf->file->main_force_https))
 {
- if (! empty($_SERVER["SCRIPT_URI"])) // If SCRIPT_URI supported by server
+ if ($conf->file->main_force_https == '1' && ! empty($_SERVER["SCRIPT_URI"])) // If SCRIPT_URI supported by server
 {
 if (preg_match('/^http:/i',$_SERVER["SCRIPT_URI"]) && ! preg_match('/^https:/i',$_SERVER["SCRIPT_URI"])) // If link is http
 {
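Review bot: The `is_numeric()` test added at the top of the main.inc.php hunk now separates two different meanings of `main_force_https`, and nothing at that line says so. Any numeric string other than `'1'` (for example `'3'`) skips the SCRIPT_URI branch, and, judging by the `else` patched in the following hunk, a non-numeric value appears to be used as the URL prefix of the redirect, a form that the updated conf.php.example text (0, 1 or 2) does not list. I would add a comment above the test such as `// Numeric: 1 = test SCRIPT_URI, 2 = test $_SERVER["HTTPS"]; any other non-empty value is taken as the https base URL to redirect to`. The body of this block continues outside the hunk, so the pairing of the branches should be confirmed against the full file.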
@@ -216,7 +216,12 @@ if (! empty($conf->file->main_force_https))
 }
 else
 {
- $newurl=$conf->file->main_force_https.$_SERVER["REQUEST_URI"];
+ // Check HTTPS environment variable (Apache/mod_ssl only)
+ // $_SERVER["HTTPS"] is 'on' when link is https, otherwise $_SERVER["HTTPS"] is empty or 'off'
+ if (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on') // If link is http
+ {
+ $newurl=$conf->file->main_force_https.$_SERVER["REQUEST_URI"];
+ }
 }
 // Start redirect
 if ($newurl)
@@ -792,7 +797,7 @@ if (! function_exists("llxHeader"))
 function llxHeader($head = '', $title='', $help_url='', $target='', $disablejs=0, $disablehead=0, $arrayofjs='', $arrayofcss='', $morequerystring='')
 {
 global $conf;
-
+
 top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); // Show html headers
 if (empty($conf->global->MAIN_HIDE_TOP_MENU))
 {
-- 
GitLab
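Review bot: The new guard `$_SERVER["HTTPS"] != 'on'` in the first hunk on this line is an exact, case-sensitive match, so a request that did arrive over TLS is still redirected whenever the server reports HTTPS with another non-empty value or does not set the variable at all (the added comment itself says Apache/mod_ssl only); behind a TLS-terminating proxy that would presumably end in a redirect loop rather than a page. Treating anything non-empty other than 'off' as secure is the safer test: `if (empty($_SERVER["HTTPS"]) || strtolower($_SERVER["HTTPS"]) == 'off')`. The target is also built by appending the client-supplied `$_SERVER["REQUEST_URI"]` to the configured value, so a comment stating that the value must be an absolute `https://host` prefix with no trailing slash would help keep the redirect on the intended host. The enclosing `if` block starts and ends outside this hunk.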