Skip to content

Commit

Permalink
MDL-28484 core_lib: Add function for https detection
Browse files Browse the repository at this point in the history
Signed-off-by: Tony Butler <[email protected]>
  • Loading branch information
tonyjbutler committed Oct 3, 2014
1 parent 6597413 commit 1e31f11
Show file tree
Hide file tree
Showing 19 changed files with 35 additions and 21 deletions.
2 changes: 1 addition & 1 deletion auth/shibboleth/logout.php
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@

// Find out whether host supports https
$protocol = 'http://';
if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'){
if (is_https()) {
$protocol = 'https://';
}

Expand Down
3 changes: 1 addition & 2 deletions filter/mathjaxloader/filter.php
Original file line number Diff line number Diff line change
Expand Up @@ -95,12 +95,11 @@ public function map_language_code($moodlelangcode) {
* @param context $context The current context.
*/
public function setup($page, $context) {
global $CFG;
// This only requires execution once per request.
static $jsinitialised = false;

if (empty($jsinitialised)) {
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$url = get_config('filter_mathjaxloader', 'httpsurl');
} else {
$url = get_config('filter_mathjaxloader', 'httpurl');
Expand Down
2 changes: 1 addition & 1 deletion iplookup/index.php
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@
echo '<div id="note">'.$info['note'].'</div>';

} else {
if (strpos($CFG->wwwroot, 'https:') === 0) {
if (is_https()) {
$PAGE->requires->js(new moodle_url('https://maps.googleapis.com/maps/api/js', array('key'=>$CFG->googlemapkey3, 'sensor'=>'false')));
} else {
$PAGE->requires->js(new moodle_url('http://maps.googleapis.com/maps/api/js', array('key'=>$CFG->googlemapkey3, 'sensor'=>'false')));
Expand Down
2 changes: 1 addition & 1 deletion lib/badgeslib.php
Original file line number Diff line number Diff line change
Expand Up @@ -1258,7 +1258,7 @@ function badges_setup_backpack_js() {
global $CFG, $PAGE;
if (!empty($CFG->badges_allowexternalbackpack)) {
$PAGE->requires->string_for_js('error:backpackproblem', 'badges');
$protocol = (strpos($CFG->wwwroot, 'https://') === 0) ? 'https://' : 'http://';
$protocol = (is_https()) ? 'https://' : 'http://';
$PAGE->requires->js(new moodle_url($protocol . BADGE_BACKPACKURL . '/issuer.js'), true);
$PAGE->requires->js('/badges/backpack.js', true);
}
Expand Down
2 changes: 1 addition & 1 deletion lib/classes/session/manager.php
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ public static function init_empty_session() {
protected static function prepare_cookies() {
global $CFG;

if (!isset($CFG->cookiesecure) or (strpos($CFG->wwwroot, 'https://') !== 0 and empty($CFG->sslproxy))) {
if (!isset($CFG->cookiesecure) or (!is_https() and empty($CFG->sslproxy))) {
$CFG->cookiesecure = 0;
}

Expand Down
2 changes: 1 addition & 1 deletion lib/csvlib.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -476,7 +476,7 @@ protected function send_header() {
// For text based formats - we cannot test the output with behat if we force a file download.
return;
}
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: max-age=10');
header('Pragma: ');
} else { //normal http - prevent caching at all cost
Expand Down
2 changes: 1 addition & 1 deletion lib/excellib.class.php
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,7 @@ public function close() {
$mimetype = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
$filename = $filename.'.xlsx';

if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: max-age=10');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
Expand Down
6 changes: 3 additions & 3 deletions lib/filelib.php
Original file line number Diff line number Diff line change
Expand Up @@ -2196,7 +2196,7 @@ function send_temp_file($path, $filename, $pathisstring=false) {
}

header('Content-Disposition: attachment; filename="'.$filename.'"');
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
Expand Down Expand Up @@ -2292,7 +2292,7 @@ function send_file($path, $filename, $lifetime = null , $filter=0, $pathisstring

} else { // Do not cache files in proxies and browsers
$nobyteserving = true;
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
Expand Down Expand Up @@ -2465,7 +2465,7 @@ function send_stored_file($stored_file, $lifetime=null, $filter=0, $forcedownloa
header('Pragma: ');

} else { // Do not cache files in proxies and browsers
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
Expand Down
2 changes: 1 addition & 1 deletion lib/form/recaptcha.php
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ function MoodleQuickForm_recaptcha($elementName = null, $elementLabel = null, $a
global $CFG;
parent::HTML_QuickForm_input($elementName, $elementLabel, $attributes);
$this->_type = 'recaptcha';
if (!empty($attributes['https']) or strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$this->_https = true;
} else {
$this->_https = false;
Expand Down
2 changes: 1 addition & 1 deletion lib/outputcomponents.php
Original file line number Diff line number Diff line change
Expand Up @@ -404,7 +404,7 @@ public function get_url(moodle_page $page, renderer_base $renderer = null) {

// If the currently requested page is https then we'll return an
// https gravatar page.
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$gravatardefault = str_replace($CFG->wwwroot, $CFG->httpswwwroot, $gravatardefault); // Replace by secure url.
return new moodle_url("https://secure.gravatar.com/avatar/{$md5}", array('s' => $size, 'd' => $gravatardefault));
} else {
Expand Down
2 changes: 1 addition & 1 deletion lib/outputrequirementslib.php
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@ public function __construct() {
$this->yui3loader = new stdClass();
$this->YUI_config = new YUI_config();

if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
// On HTTPS sites all JS must be loaded from https sites,
// YUI CDN does not support https yet, sorry.
$CFG->useexternalyui = 0;
Expand Down
1 change: 1 addition & 0 deletions lib/setuplib.php
Original file line number Diff line number Diff line change
Expand Up @@ -816,6 +816,7 @@ function initialise_fullme() {
throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!');
}
$rurl['scheme'] = 'https'; // make moodle believe it runs on https, squid or something else it doing it
$_SERVER['HTTPS'] = 'on'; // Override $_SERVER to help external libraries with their HTTPS detection.
}

// hopefully this will stop all those "clever" admins trying to set up moodle
Expand Down
14 changes: 14 additions & 0 deletions lib/weblib.php
Original file line number Diff line number Diff line change
Expand Up @@ -223,6 +223,20 @@ function qualified_me() {
}
}

/**
* Determines whether or not the Moodle site is being served over HTTPS.
*
* This is done simply by checking the value of $CFG->httpswwwroot, which seems
* to be the only reliable method.
*
* @return boolean True if site is served over HTTPS, false otherwise.
*/
function is_https() {
global $CFG;

return (strpos($CFG->httpswwwroot, 'https://') === 0);
}

/**
* Class for creating and manipulating urls.
*
Expand Down
2 changes: 1 addition & 1 deletion mod/feedback/item/captcha/lib.php
Original file line number Diff line number Diff line change
Expand Up @@ -237,7 +237,7 @@ public function print_item_complete($item, $value = '', $highlightrequire = fals
</div>';

// Check if we are using SSL.
if (strpos($CFG->wwwroot, 'https://') === 0) {
if (is_https()) {
$ssl = true;
} else {
$ssl = false;
Expand Down
2 changes: 1 addition & 1 deletion mod/lti/OAuth.php
Original file line number Diff line number Diff line change
Expand Up @@ -252,7 +252,7 @@ function __construct($http_method, $http_url, $parameters = null) {
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = null, $http_url = null, $parameters = null) {
$scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';
$scheme = (!is_https()) ? 'http' : 'https';
$port = "";
if ($_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != "443" && strpos(':', $_SERVER['HTTP_HOST']) < 0) {
$port = ':' . $_SERVER['SERVER_PORT'];
Expand Down
4 changes: 2 additions & 2 deletions portfolio/boxnet/lib.php
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ public static function admin_config_form(&$mform) {
$mform->addElement('static', 'setupinfo', get_string('setupinfo', 'portfolio_boxnet'),
get_string('setupinfodetails', 'portfolio_boxnet', $a));

if (strpos($CFG->wwwroot, 'https') !== 0) {
if (!is_https()) {
$mform->addElement('static', 'warninghttps', '', get_string('warninghttps', 'portfolio_boxnet'));
}
}
Expand Down Expand Up @@ -207,7 +207,7 @@ public function instance_sanity_check() {
global $CFG;
if (!$this->get_config('clientid') || !$this->get_config('clientsecret')) {
return 'missingoauthkeys';
} else if (strpos($CFG->wwwroot, 'https') !== 0) {
} else if (!is_https()) {
return 'missinghttps';
}
}
Expand Down
2 changes: 1 addition & 1 deletion report/security/locallib.php
Original file line number Diff line number Diff line change
Expand Up @@ -381,7 +381,7 @@ function report_security_check_emailchangeconfirmation($detailed=false) {
function report_security_check_cookiesecure($detailed=false) {
global $CFG;

if (strpos($CFG->wwwroot, 'https://') !== 0) {
if (!is_https()) {
return null;
}

Expand Down
2 changes: 1 addition & 1 deletion repository/boxnet/lib.php
Original file line number Diff line number Diff line change
Expand Up @@ -334,7 +334,7 @@ public static function type_config_form($mform, $classname = 'repository') {

$mform->addElement('static', null, '', get_string('information', 'repository_boxnet'));

if (strpos($CFG->wwwroot, 'https') !== 0) {
if (!is_https()) {
$mform->addElement('static', null, '', get_string('warninghttps', 'repository_boxnet'));
}

Expand Down
2 changes: 1 addition & 1 deletion user/profile.php
Original file line number Diff line number Diff line change
Expand Up @@ -342,7 +342,7 @@
if ($user->skype && !isset($hiddenfields['skypeid'])) {
$imurl = 'skype:'.urlencode($user->skype).'?call';
$iconurl = new moodle_url('http://mystatus.skype.com/smallicon/'.urlencode($user->skype));
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
// Bad luck, skype devs are lazy to set up SSL on their servers - see MDL-37233.
$statusicon = '';
} else {
Expand Down

0 comments on commit 1e31f11

Please sign in to comment.