LineageOTA: TLS is not detected when running behind a reverse proxy

Is:

index.php has

   if( isset($_SERVER['HTTPS'] ) )
        $protocol = 'https://';
    else
        $protocol = 'http://';`

This fails to detect reverse-proxy situations (c.f. https://bugs.php.net/bug.php?id=66398)

Shoud:

index.php schould honor X-FORWARDED-PROTO

About this issue

Original URL
State: closed
Created 5 years ago
Reactions: 1
Comments: 19 (14 by maintainers)

Most upvoted comments

PR merged. Feel free to try and let me know!

+1

julianxhokaxhiu on Mar 29, 2020

@TpmKranz not sure why you think it X headers are deprecated https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded .

The alternative and de-facto standard versions of this header are the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Proto headers.

Anyway, I don’t think it can hurt to support both.

@julianxhokaxhiu Created a new PR https://github.com/julianxhokaxhiu/LineageOTA/pull/57

+1

ionphractal on Mar 29, 2020

Read more comments on GitHub

← sqlline: username/password not working in connection string

pyjulia: PyJulia does not work with Julia 1.0 & 0.7 with Python installed via Conda/Ubuntu/(what else?) →