hopefully unify handling of server HTTPS variables where needed, use scheme based...

diff --git a/include/functions.php b/include/functions.php
index f290560778467dae1c91f7f3d778fb150d1e8714..ad6f2689ce9d9401d257eed549ef604046cada3f 100644 (file)
--- a/include/functions.php
+++ b/include/functions.php
@@ -1528,7 +1528,6 @@
                $doc->loadHTML($charset_hack . $res);
                $xpath = new DOMXPath($doc);
 
-               $ttrss_uses_https = parse_url(get_self_url_prefix(), PHP_URL_SCHEME) === 'https';
                $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix();
 
                $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])');
@@ -1578,7 +1577,7 @@
                                if ($entry->hasAttribute('src')) {
                                        $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https';
 
-                                       if ($ttrss_uses_https && !$is_https_url) {
+                                       if (is_prefix_https() && !$is_https_url) {
 
                                                if ($entry->hasAttribute('srcset')) {
                                                        $entry->removeAttribute('srcset');
@@ -1619,7 +1618,7 @@
                        if (!iframe_whitelisted($entry)) {
                                $entry->setAttribute('sandbox', 'allow-scripts');
                        } else {
-                               if ($_SERVER['HTTPS'] == "on") {
+                               if (is_prefix_https()) {
                                        $entry->setAttribute("src",
                                                str_replace("http://", "https://",
                                                        $entry->getAttribute("src")));
@@ -1782,6 +1781,14 @@
                return $tag;
        }
 
+       function is_server_https() {
+               return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
+       }
+
+       function is_prefix_https() {
+               return parse_url(SELF_URL_PATH, PHP_URL_SCHEME) == 'https';
+       }
+
        // this returns SELF_URL_PATH sans ending slash
        function get_self_url_prefix() {
                if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) {

diff --git a/include/sanity_check.php b/include/sanity_check.php
index ea7b0da806e30da87793132368d54348116c16a8..964dce03c39e3621103519250bc54f2c166f4751 100755 (executable)
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -15,7 +15,7 @@
         * to get out. */
 
        function make_self_url_path() {
-               $proto = ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ? 'https' : 'http';
+               $proto = is_server_https() ? 'https' : 'http';
                $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
 
                return $url_path;
@@ -108,7 +108,7 @@
 
                        if (isset($_SERVER["HTTP_HOST"]) &&
                                (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) &&
-                SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) {
+                               SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) {
                                array_push($errors,
                                        "Please set SELF_URL_PATH to the correct value detected for your server: <b>$ref_self_url_path</b>");
                        }
@@ -152,12 +152,6 @@
                        if (!class_exists("DOMDocument")) {
                                array_push($errors, "PHP support for DOMDocument is required, but was not found.");
                        }
-
-                       $self_scheme = parse_url(SELF_URL_PATH, PHP_URL_SCHEME);
-
-                       if ($_SERVER['HTTPS'] && $self_scheme == 'http') {
-                               array_push($errors, "You are accessing tt-rss over SSL but SELF_URL_PATH in config.php refers to a http:// URL.");
-                       }
                }
 
                if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?>

diff --git a/install/index.php b/install/index.php
index 7da311ffb832c2bbf65d6406529ed395d3b86e12..4239f5893f949e84f84a9de47538204cf1f8bbcd 100755 (executable)
--- a/install/index.php
+++ b/install/index.php
@@ -22,7 +22,7 @@
                $password = "";
                $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^";
 
-       $i = 0;
+       $i = 0;
 
                while ($i < $length) {
                        $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
@@ -179,8 +179,12 @@
                }
        }
 
+       function is_server_https() {
+               return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https';
+       }
+
        function make_self_url_path() {
-               $url_path = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http://' :  'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
+               $url_path = (is_server_https() ? 'https://' :  'http://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
 
                return $url_path;
        }