Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Found Issue in CiviCRM when SSL setting-Force Secure URLs is Enabled and site is running behind the proxy or load balancer server, We have to check the header variable name, otherwise it goes into loop
CRM/Utils/System.php | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/CRM/Utils/System.php b/CRM/Utils/System.php
index fb5bb87..e978489 100644
--- a/CRM/Utils/System.php
+++ b/CRM/Utils/System.php
@@ -1184,10 +1184,14 @@ class CRM_Utils_System {
public static function redirectToSSL($abort = FALSE) {
$config = CRM_Core_Config::singleton();
$req_headers = self::getRequestHeaders();
+ $forwardProtocol = 'X_FORWARDED_PROTO';
+ if (array_key_exists('X-Forwarded-Proto', $req_headers)) {
+ $forwardProtocol = 'X-Forwarded-Proto';
+ }
// FIXME: Shouldn't the X-Forwarded-Proto check be part of CRM_Utils_System::isSSL()?
if (Civi::settings()->get('enableSSL') &&
!self::isSSL() &&
- strtolower(CRM_Utils_Array::value('X_FORWARDED_PROTO', $req_headers)) != 'https'
+ strtolower(CRM_Utils_Array::value($forwardProtocol, $req_headers)) != 'https'
) {
// ensure that SSL is enabled on a civicrm url (for cookie reasons etc)
$url = "https://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}";
--
2.21.0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.