From 7b114771d337af3bfd51d8fda1e8f2fd5b39535d Mon Sep 17 00:00:00 2001
From: Fanch <fanch-github@qth.fr>
Date: Tue, 1 Sep 2015 13:37:04 +0200
Subject: [PATCH] SSL detection: add support for `X-Forwarded-Proto`

Duplicates #332

See:
 - RFC 7239 - Forwarded HTTP Extension
   http://www.ietf.org/rfc/rfc7239.txt
 - RFC 6238 - Deprecating the "X-" Prefix and Similar Constructs in Application Protocols
   http://www.ietf.org/rfc/rfc6648.txt
 - StackOverflow - Custom HTTP headers: naming conventions
   http://stackoverflow.com/a/3561399
---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index 61d92f0..7818ee8 100755
--- a/index.php
+++ b/index.php
@@ -463,7 +463,7 @@ if (isset($_POST['login']))
 // You can append $_SERVER['SCRIPT_NAME'] to get the current script URL.
 function serverUrl()
 {
-    $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443'; // HTTPS detection.
+    $https = (!empty($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS'])=='on')) || $_SERVER["SERVER_PORT"]=='443' || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'); // HTTPS detection.
     $serverport = ($_SERVER["SERVER_PORT"]=='80' || ($https && $_SERVER["SERVER_PORT"]=='443') ? '' : ':'.$_SERVER["SERVER_PORT"]);
     return 'http'.($https?'s':'').'://'.$_SERVER['SERVER_NAME'].$serverport;
 }