Bug #37467

Change in class.t3lib_div.php may break things for HTTPS via reverse proxy

Added by Sybille Peters about 9 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-05-24
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.5
PHP Version:
5.3
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

The change introduced in TYPO3 4.5.16 as fix for bug #36004 makes working in backend impossible for some HTTPS reverse-proxy configurations.

It may be a misconfiguration on our end, but as far as I can see, since the change HTTPS will only work with reverse proxy, if X-Forwarded-For contains local and proxy IP and

 $['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue' = "last";

Login to backend works, but then a network connections error is displayed ("Verbindungsproblem Bei dem Versuch eine Verbindung zum Server herzustellen ist ein Fehler aufgetreten. Bitte ├╝berpr├╝fen Sie Ihre Netzwerkverbindung.")

Analyzing this shows that the changed line 4151 in class.t3lib_div.php has caused this problem:

older version:

if (self::cmpIP($_SERVER['REMOTE_ADDR'], $proxySSL)) {

newer version:

if (self::cmpIP(self::getIndpEnv('REMOTE_ADDR'), $proxySSL)) {


Related issues

Related to TYPO3 Core - Bug #29693: Respect HTTP_X_FORWARDED_PROTO in SSL checkRejectedMichael Stucki2011-09-12

Actions

Also available in: Atom PDF