[BUGFIX] Wrong HTTP protocol in combination with a proxy
authorMichael Staatz <mstaatz@me.com>
Fri, 13 Apr 2012 18:46:11 +0000 (20:46 +0200)
committerTolleiv Nietsch <tolleiv.nietsch@typo3.org>
Sun, 22 Apr 2012 08:09:01 +0000 (10:09 +0200)
When a reverse proxy is configured in $TYPO3_CONF_VARS and you call
t3lib_div::getIndpEnv('TYPO3_SSL') it returns the wrong protocol.

You can reproduce this in the following way:
If realUrl has the configuration to take the next higher level in the
page tree in the case of not finding the current page then the protocol
will be changed by the static method t3lib_div::getIndpEnv('TYPO3_SSL')

Change-Id: I7a3c74c117753edfc1b9552d4110479f3a013f46
Fixes: #36004
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10433
Reviewed-by: Sebastian Popovic
Tested-by: Sebastian Popovic
Reviewed-by: Tom Ruether
Tested-by: Tom Ruether
Reviewed-by: Chris Wittmann
Tested-by: Chris Wittmann
Reviewed-by: Tolleiv Nietsch
Tested-by: Tolleiv Nietsch
t3lib/class.t3lib_div.php

index dcd006c..7eac225 100644 (file)
@@ -3562,7 +3562,7 @@ final class t3lib_div {
                                if ($proxySSL == '*') {
                                        $proxySSL = $GLOBALS['TYPO3_CONF_VARS']['SYS']['reverseProxyIP'];
                                }
-                               if (self::cmpIP($_SERVER['REMOTE_ADDR'], $proxySSL)) {
+                               if (self::cmpIP(self::getIndpEnv('REMOTE_ADDR'), $proxySSL)) {
                                        $retVal = TRUE;
                                } else {
                                        $retVal = $_SERVER['SSL_SESSION_ID'] || !strcasecmp($_SERVER['HTTPS'], 'on') || !strcmp($_SERVER['HTTPS'], '1') ? TRUE : FALSE; // see http://bugs.typo3.org/view.php?id=3909