[SM-CVS] SF.net SVN: squirrelmail: [12517] branches/SM-1_4-STABLE/squirrelmail

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Revision: 12517
          http://squirrelmail.svn.sourceforge.net/squirrelmail/?rev=12517&view=rev
Author:   pdontthink
Date:     2007-07-09 23:00:20 -0700 (Mon, 09 Jul 2007)

Log Message:
-----------
Added ability to detect HTTP_X_FORWARDED_PROTO in get_location(), thanks to Daniel Watts

Modified Paths:
--------------
    branches/SM-1_4-STABLE/squirrelmail/ChangeLog
    branches/SM-1_4-STABLE/squirrelmail/functions/strings.php

Modified: branches/SM-1_4-STABLE/squirrelmail/ChangeLog
===================================================================

--- branches/SM-1_4-STABLE/squirrelmail/ChangeLog	2007-07-10 06:00:11 UTC (rev 12516)
+++ branches/SM-1_4-STABLE/squirrelmail/ChangeLog	2007-07-10 06:00:20 UTC (rev 12517)
@@ -21,6 +21,8 @@
   - Backported code for site wide SMTP authentication (#1531889).
   - Fixed issue with compose session not being cleaned after message is 
     saved or sent.
+  - Added ability to detect HTTP_X_FORWARDED_PROTO in get_location(),
+    thanks to Daniel Watts
 
 Version 1.4.10a - 10 May 2007
 -----------------------------

Modified: branches/SM-1_4-STABLE/squirrelmail/functions/strings.php
===================================================================
--- branches/SM-1_4-STABLE/squirrelmail/functions/strings.php	2007-07-10 06:00:11 UTC (rev 12516)
+++ branches/SM-1_4-STABLE/squirrelmail/functions/strings.php	2007-07-10 06:00:20 UTC (rev 12517)
@@ -31,6 +31,7 @@
  * For that reason, bring in global.php AFTER we define the version strings.
  */
 require_once(SM_PATH . 'functions/global.php');
+include_once(SM_PATH . 'plugins/compatibility/functions.php');
 
 /**
  * Wraps text at $wrap characters
@@ -299,11 +300,15 @@
     /*
      * If you have 'SSLOptions +StdEnvVars' in your apache config
      *     OR if you have HTTPS=on in your HTTP_SERVER_VARS
+     *     OR if you have HTTP_X_FORWARDED_PROTO=https in your HTTP_SERVER_VARS
      *     OR if you are on port 443
      */
     $getEnvVar = getenv('HTTPS');
+    if (!sqgetGlobalVar('HTTP_X_FORWARDED_PROTO', $forwarded_proto, SQ_SERVER))
+        $forwarded_proto = '';
     if ((isset($getEnvVar) && strcasecmp($getEnvVar, 'on') === 0) ||
         (sqgetGlobalVar('HTTPS', $https_on, SQ_SERVER) && strcasecmp($https_on, 'on') === 0) ||
+        (strcasecmp($forwarded_proto, 'https') === 0) ||
         (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER) &&  $server_port == 443)) {
         $proto = 'https://';
     }
@@ -318,10 +323,11 @@
     }
 
     $port = '';
-    if (! strstr($host, ':')) {
+    if (strpos($host, ':') === FALSE) {
         if (sqgetGlobalVar('SERVER_PORT', $server_port, SQ_SERVER)) {
             if (($server_port != 80 && $proto == 'http://') ||
-                ($server_port != 443 && $proto == 'https://')) {
+                ($server_port != 443 && $proto == 'https://' &&
+                 $forwarded_proto != 'https')) {
                 $port = sprintf(':%d', $server_port);
             }
         }


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


