Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Links not always HTTPS behind off-loaded SSL (AWS) #1827

Closed
CSixtyFour opened this issue Jan 11, 2018 · 6 comments
Closed

Links not always HTTPS behind off-loaded SSL (AWS) #1827

CSixtyFour opened this issue Jan 11, 2018 · 6 comments
Assignees
@rhukster
Labels
fixed

Comments

@CSixtyFour
Copy link
Contributor

I've got a site SSL offloaded on AWS. I've found some links such as in the sitemap plugin are not showing as HTTPS even though force_ssl is on in the admin panel and url rewriting is happening in htaccess. It looks like links generated using something like $uri = $this->grav['uri']; ( sitemap plugin ) don't show https.

This is my first time diving into Grav core but I think there are two things here:

  1. force_ssl is happening to high up for direct access to uri so therefore in this situation this option is irrelevant in this use case.

  2. In uri.php I think the two important environmental variables are $_SERVER['REQUEST_SCHEME'] and $_SERVER['SERVER_PORT'] both of which would be http / 80 behind an SSL offloader but probably accurate in a "normal" environment.

I have done some messy hacking for my setup but maybe $_SERVER['HTTP_X_FORWARDED_PORT'] and $_SERVER['HTTP_X_FORWARDED_PROTO] could be an override option for SSL offloading?
@rhukster
Copy link
Member 

$uri = $this->grav['uri'];

Simply gets the URI object. $uri->path() will get the path, and $uri->url() would get the URL. If you pass true you should get the full path including http:// or https://: https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L517

Maybe we should take into account HTTP_X_FORWARDED_PORT and HTTP_X_FORWARDED_PROTO here:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L745-L765

and here:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L61-L66

Similar to what we do for IP:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L745-L765

@rhukster rhukster self-assigned this Jan 19, 2018
CSixtyFour added a commit to CSixtyFour/grav that referenced this issue Feb 23, 2018
@CSixtyFour
Fix for getgrav#1827
d3d1497 
Modified Build scheme and Build port functions to take into account those in SSL offloading situations.
@CSixtyFour CSixtyFour mentioned this issue Feb 23, 2018
Merged
rhukster pushed a commit that referenced this issue Feb 24, 2018
@CSixtyFour @rhukster
Fix for #1827 (#1888)
eca23a9 
Modified Build scheme and Build port functions to take into account those in SSL offloading situations.
@CSixtyFour CSixtyFour mentioned this issue Feb 26, 2018
Closed
@kees-closed
Copy link

Will this fix be released soon? My sitemap also includes only http links, while my website is only accessible via https. This doesn't work with Google webmasters indexing.

@Blazeflack Blazeflack mentioned this issue Apr 17, 2018
Closed
@drnasin
Copy link
Contributor

drnasin commented May 29, 2018

is there a reason this isn't released yet?

@rhukster
Copy link
Member

I'm a bit confused because this was merged ages ago! https://github.com/getgrav/grav/pull/1888/files

But it seems it got lost when merging with Grav 1.4 branch:

7aa930c#diff-07d65c25e3a3440248e54057e22c6456

I'll have to manually merge it back in again now as Uri has changed significantly

@rhukster
Copy link
Member

Fixed again in develop for 1.4.6 release

@drnasin
Copy link
Contributor

drnasin commented Jun 1, 2018
edited
Loading

Thank you rhukster! @CSixtyFour no more manual patching for you! :)

@mahagr mahagr closed this as completed Feb 7, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rhukster rhukster

Labels
fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mahagr @rhukster @drnasin @CSixtyFour @kees-closed