#20567 closed enhancement (duplicate)
is_ssl check for proxy forwarding
Reported by: | Mvied | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 3.4 |
Component: | General | Keywords: | has-patch |
Focuses: | Cc: |
Description
When using SSL in a proxy environment, sometimes the proxy is configured to set the X-Forwarded headers rather than modify the original response headers. This patch adds two additional conditionals to is_ssl to check for these X-Forwarded headers.
Attachments (1)
Change History (6)
#2
@
13 years ago
- Milestone Awaiting Review deleted
- Resolution set to duplicate
- Status changed from new to closed
Actually, a duplicate of #15733.
#3
@
13 years ago
The other ticket's patch only checks HTTP_X_FORWARDED_PROTO and not HTTP_X_FORWARDED_PORT. Should I upload a patch to the other ticket?
#4
@
13 years ago
Based on the comments in #15733, this is not a WordPress configuration issue. Set $_SERVER['HTTPS']
to whatever it is supposed to be on your environment via wp-config.php.
#5
@
12 years ago
There's a simple plugin in Gist that could easily be modified to work with whichever situation you have on your specific server. Maybe someone could turn it into a configurable plugin if they felt the urge :)
Explanation of Gist in this blog post
NB: note that it isn't safe to assume that these headers are added by the host; because they are non-standard headers, they can be added by the client, and thus some crafty prick could manufacture a situation where the request to the server tells it that SSL is enabled when it isn't, and perform a man-in-the-middle attack. I therefore recommend that core does not accept the patch on this ticket, and instead this function be handled by a plugin.
/wp-includes/functions.php