« Previous | Next » 

Revision ca7d52f5


Added by Bastian Waidelich about 8 years ago

[BUGFIX] Respect X-Forwarded-Proto header consistently

The ``Http\Request`` currently only considers ``X-Forwarded-Proto``
headers in its isSecure() method.

With this change the header is checked in the constructor so that it
overrules the requested protocol if set.


GET http://acme.com:8080 HTTP/1.1
X-Forwarded-Proto: https
X-Forwarded-Port: 443

Generated URIs like ``http://acme.com:8080``. With this change the
result is ``https://acme.com``.

Change-Id: If12eee73208b29049d543a9563a3b42161b1f024
Fixes: #54453
Releases: 2.0, master

  • added
  • modified
  • copied
  • renamed
  • deleted