Grav: Links not always HTTPS behind off-loaded SSL (AWS)

Created on 11 Jan 2018  路  6Comments  路  Source: getgrav/grav

I've got a site SSL offloaded on AWS. I've found some links such as in the sitemap plugin are not showing as HTTPS even though force_ssl is on in the admin panel and url rewriting is happening in htaccess. It looks like links generated using something like $uri = $this->grav['uri']; ( sitemap plugin ) don't show https.

This is my first time diving into Grav core but I think there are two things here:
1) force_ssl is happening to high up for direct access to uri so therefore in this situation this option is irrelevant in this use case.

2) In uri.php I think the two important environmental variables are $_SERVER['REQUEST_SCHEME'] and $_SERVER['SERVER_PORT'] both of which would be http / 80 behind an SSL offloader but probably accurate in a "normal" environment.

I have done some messy hacking for my setup but maybe $_SERVER['HTTP_X_FORWARDED_PORT'] and $_SERVER['HTTP_X_FORWARDED_PROTO] could be an override option for SSL offloading?

fixed in repo
Source
picture CSixtyFour
👍1

Most helpful comment

Fixed again in develop for 1.4.6 release

picture rhukster on 31 May 2018
🎉2

All 6 comments

$uri = $this->grav['uri'];

Simply gets the URI object. $uri->path() will get the path, and $uri->url() would get the URL. If you pass true you should get the full path including http:// or https://: https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L517

Maybe we should take into account HTTP_X_FORWARDED_PORT and HTTP_X_FORWARDED_PROTO here:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L745-L765

and here:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L61-L66

Similar to what we do for IP:

https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Uri.php#L745-L765

rhukster picture rhukster on 19 Jan 2018

Will this fix be released soon? My sitemap also includes only http links, while my website is only accessible via https. This doesn't work with Google webmasters indexing.

AquaL1te picture AquaL1te on 2 Apr 2018

is there a reason this isn't released yet?

drnasin picture drnasin on 29 May 2018

I'm a bit confused because this was merged ages ago! https://github.com/getgrav/grav/pull/1888/files

But it seems it got lost when merging with Grav 1.4 branch:

https://github.com/getgrav/grav/commit/7aa930ca55652d1e8a848013efeeac77a13231e6#diff-07d65c25e3a3440248e54057e22c6456

I'll have to manually merge it back in again now as Uri has changed significantly

rhukster picture rhukster on 30 May 2018
1

Fixed again in develop for 1.4.6 release

rhukster picture rhukster on 31 May 2018
🎉2

Thank you rhukster! @CSixtyFour no more manual patching for you! :)

drnasin picture drnasin on 1 Jun 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ursbraem picture ursbraem  路  29Comments
ulilu picture ulilu  路  29Comments
Sogl picture Sogl  路  24Comments
giansi picture giansi  路  17Comments
Japhys picture Japhys  路  21Comments