]> git.wh0rd.org - tt-rss.git/blobdiff - include/sanity_check.php
git.wh0rd.org / tt-rss.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
sanity: check X-Forwarded-Proto for self_url
[tt-rss.git] / include / sanity_check.php
diff --git a/include/sanity_check.php b/include/sanity_check.php
index 2f5315edf622a4a8fa4615c039eb9ccfe1d0f912..ea7b0da806e30da87793132368d54348116c16a8 100755 (executable)
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -15,7 +15,8 @@
         * to get out. */
 
        function make_self_url_path() {
-               $url_path = ($_SERVER['HTTPS'] != "on" ? 'http://' :  'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
+               $proto = ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ? 'https' : 'http';
+               $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
 
                return $url_path;
        }
web-based news feed (RSS/Atom) reader and aggregator; see https://tt-rss.org/