Issue #799 has been reported by Christian Iuga. ---------------------------------------- Bug #799: sendtoken behind a proxy need HTTP_X_FORWARDED_PROTO http://tools.lsc-project.org/issues/799
Author: Christian Iuga Status: New Priority: Normal Assigned to: Category: Self Service Password Target version: Hi, We use the ssp behing a proxy The url used for customer is https://RP_servename/ssp/index.php this page is forward from our ReverseProxy to the http server without ssl : http://servename/ssp/index.php It's work correctly for all page expected the forgot password : It's create the link url via sendtoken.php but this page don't use the HTTP_X_FORWARDED_PROTO Please find a simple patch to correct this behaviour --- /admin/ltb-ssp/pages/sendtoken.php.old 2015-10-12 11:00:01.000000000 +0200 +++ /admin/ltb-ssp/pages/sendtoken.php 2015-10-12 10:49:34.000000000 +0200 @@ -161,6 +161,8 @@ $server_name = $_SERVER['SERVER_NAME']; $server_port = $_SERVER['SERVER_PORT']; $script_name = $_SERVER['SCRIPT_NAME']; + if ( !empty($_SERVER['HTTP_X_FORWARDED_PROTO']) ) { $method = $_SERVER['HTTP_X_FORWARDED_PROTO']; } + if ( !empty($_SERVER['HTTP_X_FORWARDED_PORT']) ) { $server_port = $_SERVER['HTTP_X_FORWARDED_PORT']; } # Force server port if non standard port if ( ( $method === "http" and $server_port != "80" ) -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
_______________________________________________ ltb-dev mailing list [email protected] http://lists.ltb-project.org/listinfo/ltb-dev
