diff options
-rw-r--r-- | core/Url.php | 4 | ||||
-rw-r--r-- | tests/PHPUnit/Unit/UrlTest.php | 37 |
2 files changed, 41 insertions, 0 deletions
diff --git a/core/Url.php b/core/Url.php index 2a301a9b46..a0d480da33 100644 --- a/core/Url.php +++ b/core/Url.php @@ -711,6 +711,10 @@ class Url */ protected static function getCurrentSchemeFromRequestHeader() { + if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'http') { + return 'http'; + } + if ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] === true)) || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ) { diff --git a/tests/PHPUnit/Unit/UrlTest.php b/tests/PHPUnit/Unit/UrlTest.php index 6f9c50d614..bb4a2ab1ba 100644 --- a/tests/PHPUnit/Unit/UrlTest.php +++ b/tests/PHPUnit/Unit/UrlTest.php @@ -73,6 +73,43 @@ class UrlTest extends \PHPUnit_Framework_TestCase } /** + * @dataProvider getProtocol + */ + public function test_getCurrentScheme_ProtoHeaderShouldPrecedenceHttpsHeader($proto) + { + $_SERVER['HTTPS'] = 'on'; + $_SERVER['HTTP_X_FORWARDED_PROTO'] = $proto; + $this->assertEquals($proto, Url::getCurrentScheme()); + + unset($_SERVER['HTTP_X_FORWARDED_PROTO']); + unset($_SERVER['HTTPS']); + } + + /** + * @dataProvider getProtocol + */ + public function test_getCurrentScheme_shouldDetectSecureFromHttpsHeader() + { + $_SERVER['HTTPS'] = 'on'; + $this->assertEquals('https', Url::getCurrentScheme()); + + unset($_SERVER['HTTPS']); + } + + /** + * @dataProvider getProtocol + */ + public function test_getCurrentScheme_shouldBeHttpByDefault() + { + $this->assertEquals('http', Url::getCurrentScheme()); + } + + public function getProtocol() + { + return array(array('http'), array('https')); + } + + /** * Dataprovider for testIsLocalUrl */ public function getLocalUrls() |