diff options
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | index.php | 2 | ||||
-rw-r--r-- | program/include/main.inc | 21 | ||||
-rw-r--r-- | program/include/rcube_shared.inc | 2 |
4 files changed, 24 insertions, 2 deletions
@@ -1,6 +1,7 @@ CHANGELOG RoundCube Webmail =========================== +- Fix $_SERVER['HTTPS'] check for SSL forcing on IIS (#1486243) - Avoid unnecessary page loads for selected tab (#1486032) - Fix quota indicator issues by content generation on client-size (#1486197, #1486220) - Don't display disabled sections in Settings (#1486099) @@ -66,7 +66,7 @@ if ($RCMAIL->action=='error' && !empty($_GET['_code'])) { // check if https is required (for login) and redirect if necessary if (empty($_SESSION['user_id']) && ($force_https = $RCMAIL->config->get('force_https', false))) { $https_port = is_bool($force_https) ? 443 : $force_https; - if (!(isset($_SERVER['HTTPS']) || $_SERVER['SERVER_PORT'] == $use_https || $RCMAIL->config->get('use_https'))) { + if (!rcube_https_check($https_port)) { header('Location: https://' . $_SERVER['HTTP_HOST'] . ($https_port != 443 ? ':' . $https_port : '') . $_SERVER['REQUEST_URI']); exit; } diff --git a/program/include/main.inc b/program/include/main.inc index 06d7780d1..aa0d3fa26 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -1401,6 +1401,27 @@ function rcube_html_editor($mode='') /** + * Check if working in SSL mode + * + * @param integer HTTPS port number + * @param boolean Enables 'use_https' option checking + */ +function rcube_https_check($port=null, $use_https=true) +{ + global $RCMAIL; + + if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') + return true; + if ($port && $_SERVER['SERVER_PORT'] == $port) + return true; + if ($use_https && $RCMAIL->config->get('use_https')) + return true; + + return false; +} + + +/** * E-mail address validation */ function check_email($email) diff --git a/program/include/rcube_shared.inc b/program/include/rcube_shared.inc index 97314ccd1..4119f1287 100644 --- a/program/include/rcube_shared.inc +++ b/program/include/rcube_shared.inc @@ -41,7 +41,7 @@ function send_nocacheing_headers() header("Pragma: no-cache"); // We need to set the following headers to make downloads work using IE in HTTPS mode. - if (isset($_SERVER['HTTPS']) || rcmail::get_instance()->config->get('use_https')) { + if (rcube_https_check()) { header('Pragma: '); header('Cache-Control: '); } |