Bug #37467
Updated by Sybille Peters over 6 years ago
The change introduced in TYPO3 4.5.16 as fix for bug #36004 (http://forge.typo3.org/projects/typo3v4-core/repository/revisions/2b40a5e2511d96bf2cdfa3cbbc969e154153c8ec) makes working in backend impossible for some HTTPS reverse-proxy configurations. It may be a misconfiguration on our end, but as far as I can see, since the change HTTPS will only work with HTTPS via reverse proxy, if *X-Forwarded-For* X-Forwarded-For contains local and proxy IP and 'TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue' is set to "last" <pre><code class="php"> $['TYPO3_CONF_VARS']['SYS']['reverseProxyHeaderMultiValue' = "last"; </code></pre> Login to backend works, but then a network connections error is displayed (_"Verbindungsproblem ("Verbindungsproblem Bei dem Versuch eine Verbindung zum Server herzustellen ist ein Fehler aufgetreten. Bitte überprüfen Sie Ihre Netzwerkverbindung."_) Netzwerkverbindung.") Analyzing this shows that the changed line 4151 in class.t3lib_div.php has caused this problem: older version: <pre><code class="php"> old: if (self::cmpIP($_SERVER['REMOTE_ADDR'], $proxySSL)) { </code></pre> newer version: <pre><code class="php"> new: if (self::cmpIP(self::getIndpEnv('REMOTE_ADDR'), $proxySSL)) { $_SERVER['REMOTE_ADDR' is IP of reverse-proxy </code></pre> getIndpEnv('REMOTE_ADDR') returns local IP (uses X-Forwarded-For which contains only local IP)