tabacco

+Clients
  • Content count

    30
  • Joined

  • Last visited


About tabacco

  • Rank
    core_member_rank_45

tabacco's Activity

  1. tabacco added a record in IP.Board   

    IP.Board can't detect https if behind an SSL-terminating load balancer
    From looking at admin/sources/classes/output/publicOutput.php:826, IP.Board only properly supports HTTPS if php reports $_SERVER['SERVER_PORT']==443.
     
    In the case of an SSL-terminating load balancer, though, this won't be the case, since the load balancer will handle the SSL and forward plain http to the backend.
     
    The usual standard in these setups is to set the following header on the request to the backend X-Forwarded-Proto: https
     
    It seems like it'd be pretty easy to hack that in on that line (and I did in my own copy):[code=:826] if ( $_SERVER['SERVER_PORT'] == SSL_PORT || ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) ) { $this->isHTTPS = true; return; } [/code]
    If the forum wasn't behind a load balancer, it'd be possible for a client to set the header erroneously, but I'm not sure it really matters if they do.
    • 0 replies
    • 0 views

About Me

Status Feed