Cannot properly handle reverse-proxy as SSL end-point
|Priority:||Should have||Due date:|
When you're website is served on port 80 (http) but is accessed through a reverse-proxy that allows both http (80) and https (443), thus acts as an SSL end-point, there is no way to check if SSL is on.
A reverse-proxy already sets an additional header X-Forwarded-For for the real remote IP. In addition, SSL end-point reverse-proxy typically set one of those header for the actual protocol:
- X-Forwarded-Proto (either "http" or "https"), typically used by Nginx
- X-Forwarded-Ssl (either "on" or "off"), typically used by Apache
- Front-End-Https (either "on" or "off"), typically used by ISA server (http://support.microsoft.com/kb/307347)
This additional header, when present, should be taken into account by t3lib_div::getIndpEnv() with parameter 'TYPO3_SSL' to properly allow testing it in TS conditions for instance.