Commit 1e31f118 authored by Tony Butler's avatar Tony Butler
Browse files

MDL-28484 core_lib: Add function for https detection


Signed-off-by: default avatarTony Butler <tonyjbutler@gmail.com>
parent 6597413d
......@@ -11,7 +11,7 @@ require_once($CFG->dirroot."/auth/shibboleth/auth.php");
// Find out whether host supports https
$protocol = 'http://';
if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'){
if (is_https()) {
$protocol = 'https://';
}
......
......@@ -95,12 +95,11 @@ class filter_mathjaxloader extends moodle_text_filter {
* @param context $context The current context.
*/
public function setup($page, $context) {
global $CFG;
// This only requires execution once per request.
static $jsinitialised = false;
if (empty($jsinitialised)) {
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$url = get_config('filter_mathjaxloader', 'httpsurl');
} else {
$url = get_config('filter_mathjaxloader', 'httpurl');
......
......@@ -94,7 +94,7 @@ if (empty($CFG->googlemapkey3)) {
echo '<div id="note">'.$info['note'].'</div>';
} else {
if (strpos($CFG->wwwroot, 'https:') === 0) {
if (is_https()) {
$PAGE->requires->js(new moodle_url('https://maps.googleapis.com/maps/api/js', array('key'=>$CFG->googlemapkey3, 'sensor'=>'false')));
} else {
$PAGE->requires->js(new moodle_url('http://maps.googleapis.com/maps/api/js', array('key'=>$CFG->googlemapkey3, 'sensor'=>'false')));
......
......@@ -1258,7 +1258,7 @@ function badges_setup_backpack_js() {
global $CFG, $PAGE;
if (!empty($CFG->badges_allowexternalbackpack)) {
$PAGE->requires->string_for_js('error:backpackproblem', 'badges');
$protocol = (strpos($CFG->wwwroot, 'https://') === 0) ? 'https://' : 'http://';
$protocol = (is_https()) ? 'https://' : 'http://';
$PAGE->requires->js(new moodle_url($protocol . BADGE_BACKPACKURL . '/issuer.js'), true);
$PAGE->requires->js('/badges/backpack.js', true);
}
......
......@@ -180,7 +180,7 @@ class manager {
protected static function prepare_cookies() {
global $CFG;
if (!isset($CFG->cookiesecure) or (strpos($CFG->wwwroot, 'https://') !== 0 and empty($CFG->sslproxy))) {
if (!isset($CFG->cookiesecure) or (!is_https() and empty($CFG->sslproxy))) {
$CFG->cookiesecure = 0;
}
......
......@@ -476,7 +476,7 @@ class csv_export_writer {
// For text based formats - we cannot test the output with behat if we force a file download.
return;
}
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: max-age=10');
header('Pragma: ');
} else { //normal http - prevent caching at all cost
......
......@@ -106,7 +106,7 @@ class MoodleExcelWorkbook {
$mimetype = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
$filename = $filename.'.xlsx';
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: max-age=10');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
......
......@@ -2196,7 +2196,7 @@ function send_temp_file($path, $filename, $pathisstring=false) {
}
header('Content-Disposition: attachment; filename="'.$filename.'"');
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
......@@ -2292,7 +2292,7 @@ function send_file($path, $filename, $lifetime = null , $filter=0, $pathisstring
} else { // Do not cache files in proxies and browsers
$nobyteserving = true;
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
......@@ -2465,7 +2465,7 @@ function send_stored_file($stored_file, $lifetime=null, $filter=0, $forcedownloa
header('Pragma: ');
} else { // Do not cache files in proxies and browsers
if (strpos($CFG->wwwroot, 'https://') === 0) { //https sites - watch out for IE! KB812935 and KB316431
if (is_https()) { // HTTPS sites - watch out for IE! KB812935 and KB316431.
header('Cache-Control: private, max-age=10, no-transform');
header('Expires: '. gmdate('D, d M Y H:i:s', 0) .' GMT');
header('Pragma: ');
......
......@@ -57,7 +57,7 @@ class MoodleQuickForm_recaptcha extends HTML_QuickForm_input {
global $CFG;
parent::HTML_QuickForm_input($elementName, $elementLabel, $attributes);
$this->_type = 'recaptcha';
if (!empty($attributes['https']) or strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$this->_https = true;
} else {
$this->_https = false;
......
......@@ -404,7 +404,7 @@ class user_picture implements renderable {
// If the currently requested page is https then we'll return an
// https gravatar page.
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
$gravatardefault = str_replace($CFG->wwwroot, $CFG->httpswwwroot, $gravatardefault); // Replace by secure url.
return new moodle_url("https://secure.gravatar.com/avatar/{$md5}", array('s' => $size, 'd' => $gravatardefault));
} else {
......
......@@ -169,7 +169,7 @@ class page_requirements_manager {
$this->yui3loader = new stdClass();
$this->YUI_config = new YUI_config();
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
// On HTTPS sites all JS must be loaded from https sites,
// YUI CDN does not support https yet, sorry.
$CFG->useexternalyui = 0;
......
......@@ -816,6 +816,7 @@ function initialise_fullme() {
throw new coding_exception('Must use https address in wwwroot when ssl proxy enabled!');
}
$rurl['scheme'] = 'https'; // make moodle believe it runs on https, squid or something else it doing it
$_SERVER['HTTPS'] = 'on'; // Override $_SERVER to help external libraries with their HTTPS detection.
}
// hopefully this will stop all those "clever" admins trying to set up moodle
......
......@@ -223,6 +223,20 @@ function qualified_me() {
}
}
/**
* Determines whether or not the Moodle site is being served over HTTPS.
*
* This is done simply by checking the value of $CFG->httpswwwroot, which seems
* to be the only reliable method.
*
* @return boolean True if site is served over HTTPS, false otherwise.
*/
function is_https() {
global $CFG;
return (strpos($CFG->httpswwwroot, 'https://') === 0);
}
/**
* Class for creating and manipulating urls.
*
......
......@@ -237,7 +237,7 @@ class feedback_item_captcha extends feedback_item_base {
</div>';
// Check if we are using SSL.
if (strpos($CFG->wwwroot, 'https://') === 0) {
if (is_https()) {
$ssl = true;
} else {
$ssl = false;
......
......@@ -252,7 +252,7 @@ class OAuthRequest {
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = null, $http_url = null, $parameters = null) {
$scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';
$scheme = (!is_https()) ? 'http' : 'https';
$port = "";
if ($_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != "443" && strpos(':', $_SERVER['HTTP_HOST']) < 0) {
$port = ':' . $_SERVER['SERVER_PORT'];
......
......@@ -114,7 +114,7 @@ class portfolio_plugin_boxnet extends portfolio_plugin_push_base {
$mform->addElement('static', 'setupinfo', get_string('setupinfo', 'portfolio_boxnet'),
get_string('setupinfodetails', 'portfolio_boxnet', $a));
if (strpos($CFG->wwwroot, 'https') !== 0) {
if (!is_https()) {
$mform->addElement('static', 'warninghttps', '', get_string('warninghttps', 'portfolio_boxnet'));
}
}
......@@ -207,7 +207,7 @@ class portfolio_plugin_boxnet extends portfolio_plugin_push_base {
global $CFG;
if (!$this->get_config('clientid') || !$this->get_config('clientsecret')) {
return 'missingoauthkeys';
} else if (strpos($CFG->wwwroot, 'https') !== 0) {
} else if (!is_https()) {
return 'missinghttps';
}
}
......
......@@ -381,7 +381,7 @@ function report_security_check_emailchangeconfirmation($detailed=false) {
function report_security_check_cookiesecure($detailed=false) {
global $CFG;
if (strpos($CFG->wwwroot, 'https://') !== 0) {
if (!is_https()) {
return null;
}
......
......@@ -334,7 +334,7 @@ class repository_boxnet extends repository {
$mform->addElement('static', null, '', get_string('information', 'repository_boxnet'));
if (strpos($CFG->wwwroot, 'https') !== 0) {
if (!is_https()) {
$mform->addElement('static', null, '', get_string('warninghttps', 'repository_boxnet'));
}
......
......@@ -342,7 +342,7 @@ if ($user->icq && !isset($hiddenfields['icqnumber'])) {
if ($user->skype && !isset($hiddenfields['skypeid'])) {
$imurl = 'skype:'.urlencode($user->skype).'?call';
$iconurl = new moodle_url('http://mystatus.skype.com/smallicon/'.urlencode($user->skype));
if (strpos($CFG->httpswwwroot, 'https:') === 0) {
if (is_https()) {
// Bad luck, skype devs are lazy to set up SSL on their servers - see MDL-37233.
$statusicon = '';
} else {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment