From: Andrew Dolgov Date: Mon, 10 Jul 2017 13:20:40 +0000 (+0300) Subject: hopefully unify handling of server HTTPS variables where needed, use scheme based... X-Git-Tag: 17.12~145^2~1 X-Git-Url: https://git.wh0rd.org/?p=tt-rss.git;a=commitdiff_plain;h=9f7bd151c6623397e35661200ff3f7aa8b3850d8 hopefully unify handling of server HTTPS variables where needed, use scheme based on SELF_URL_PATH otherwise --- diff --git a/include/functions.php b/include/functions.php index f2905607..ad6f2689 100644 --- a/include/functions.php +++ b/include/functions.php @@ -1528,7 +1528,6 @@ $doc->loadHTML($charset_hack . $res); $xpath = new DOMXPath($doc); - $ttrss_uses_https = parse_url(get_self_url_prefix(), PHP_URL_SCHEME) === 'https'; $rewrite_base_url = $site_url ? $site_url : get_self_url_prefix(); $entries = $xpath->query('(//a[@href]|//img[@src]|//video/source[@src]|//audio/source[@src])'); @@ -1578,7 +1577,7 @@ if ($entry->hasAttribute('src')) { $is_https_url = parse_url($entry->getAttribute('src'), PHP_URL_SCHEME) === 'https'; - if ($ttrss_uses_https && !$is_https_url) { + if (is_prefix_https() && !$is_https_url) { if ($entry->hasAttribute('srcset')) { $entry->removeAttribute('srcset'); @@ -1619,7 +1618,7 @@ if (!iframe_whitelisted($entry)) { $entry->setAttribute('sandbox', 'allow-scripts'); } else { - if ($_SERVER['HTTPS'] == "on") { + if (is_prefix_https()) { $entry->setAttribute("src", str_replace("http://", "https://", $entry->getAttribute("src"))); @@ -1782,6 +1781,14 @@ return $tag; } + function is_server_https() { + return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'; + } + + function is_prefix_https() { + return parse_url(SELF_URL_PATH, PHP_URL_SCHEME) == 'https'; + } + // this returns SELF_URL_PATH sans ending slash function get_self_url_prefix() { if (strrpos(SELF_URL_PATH, "/") === strlen(SELF_URL_PATH)-1) { diff --git a/include/sanity_check.php b/include/sanity_check.php index ea7b0da8..964dce03 100755 --- a/include/sanity_check.php +++ b/include/sanity_check.php @@ -15,7 +15,7 @@ * to get out. */ function make_self_url_path() { - $proto = ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ? 'https' : 'http'; + $proto = is_server_https() ? 'https' : 'http'; $url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); return $url_path; @@ -108,7 +108,7 @@ if (isset($_SERVER["HTTP_HOST"]) && (!defined('_SKIP_SELF_URL_PATH_CHECKS') || !_SKIP_SELF_URL_PATH_CHECKS) && - SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { + SELF_URL_PATH != $ref_self_url_path && SELF_URL_PATH != mb_substr($ref_self_url_path, 0, mb_strlen($ref_self_url_path)-1)) { array_push($errors, "Please set SELF_URL_PATH to the correct value detected for your server: $ref_self_url_path"); } @@ -152,12 +152,6 @@ if (!class_exists("DOMDocument")) { array_push($errors, "PHP support for DOMDocument is required, but was not found."); } - - $self_scheme = parse_url(SELF_URL_PATH, PHP_URL_SCHEME); - - if ($_SERVER['HTTPS'] && $self_scheme == 'http') { - array_push($errors, "You are accessing tt-rss over SSL but SELF_URL_PATH in config.php refers to a http:// URL."); - } } if (count($errors) > 0 && $_SERVER['REQUEST_URI']) { ?> diff --git a/install/index.php b/install/index.php index 7da311ff..4239f589 100755 --- a/install/index.php +++ b/install/index.php @@ -22,7 +22,7 @@ $password = ""; $possible = "0123456789abcdfghjkmnpqrstvwxyzABCDFGHJKMNPQRSTVWXYZ*%+^"; - $i = 0; + $i = 0; while ($i < $length) { $char = substr($possible, mt_rand(0, strlen($possible)-1), 1); @@ -179,8 +179,12 @@ } } + function is_server_https() { + return $_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'; + } + function make_self_url_path() { - $url_path = ((!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http://' : 'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); + $url_path = (is_server_https() ? 'https://' : 'http://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH); return $url_path; }