From 643ebe4229249a5c3d1d7f584880ae7c35aa30b6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Barboiron?= <ced@winkie.fr>
Date: Mon, 10 Jul 2017 14:00:56 +0200
Subject: sanity: check X-Forwarded-Proto for self_url

---
 include/sanity_check.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/sanity_check.php b/include/sanity_check.php
index 2f5315edf..ea7b0da80 100755
--- a/include/sanity_check.php
+++ b/include/sanity_check.php
@@ -15,7 +15,8 @@
 	 * to get out. */
 
 	function make_self_url_path() {
-		$url_path = ($_SERVER['HTTPS'] != "on" ? 'http://' :  'https://') . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
+		$proto = ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') ? 'https' : 'http';
+		$url_path = $proto . '://' . $_SERVER["HTTP_HOST"] . parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
 
 		return $url_path;
 	}
-- 
cgit v1.2.3