Project

General

Profile

Actions

Bug #37467

closed

Change in class.t3lib_div.php may break things for HTTPS via reverse proxy

Added by Sybille Peters over 12 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-05-24
Due date:
% Done:

100%

Estimated time:
TYPO3 Version:
4.5
PHP Version:
5.3
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

The change introduced in TYPO3 4.5.16 as fix for bug #36004 makes working in backend impossible for some HTTPS reverse-proxy configurations.

It may be a misconfiguration on our end, but as far as I can see, since the change HTTPS will only work with reverse proxy, if X-Forwarded-For contains local and proxy IP and

 $['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue' = "last";

Login to backend works, but then a network connections error is displayed ("Verbindungsproblem Bei dem Versuch eine Verbindung zum Server herzustellen ist ein Fehler aufgetreten. Bitte überprüfen Sie Ihre Netzwerkverbindung.")

Analyzing this shows that the changed line 4151 in class.t3lib_div.php has caused this problem:

older version:

if (self::cmpIP($_SERVER['REMOTE_ADDR'], $proxySSL)) {

newer version:

if (self::cmpIP(self::getIndpEnv('REMOTE_ADDR'), $proxySSL)) {


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #29693: Respect HTTP_X_FORWARDED_PROTO in SSL checkRejectedMichael Stucki2011-09-12

Actions
Actions

Also available in: Atom PDF