Qual: Don't attempt HTTPS redirect if already using HTTPS

2015-09-07 16:43:17 +02:00 · 2015-09-07 16:43:17 +02:00 · 92c08c77fd
commit 92c08c77fd
parent 53a9c93b90
1 changed files with 4 additions and 11 deletions
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@ -225,7 +225,8 @@ if (isset($_SERVER["HTTP_USER_AGENT"]))


 // Force HTTPS if required ($conf->file->main_force_https is 0/1 or https dolibarr root url)
-if (! empty($conf->file->main_force_https))
+// $_SERVER["HTTPS"] is 'on' when link is https, otherwise $_SERVER["HTTPS"] is empty or 'off'
+if (! empty($conf->file->main_force_https) && (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on'))
 {
    $newurl='';
    if (is_numeric($conf->file->main_force_https))
@ -239,21 +240,13 @@ if (! empty($conf->file->main_force_https))
        }
        else	// Check HTTPS environment variable (Apache/mod_ssl only)
        {
-            // $_SERVER["HTTPS"] is 'on' when link is https, otherwise $_SERVER["HTTPS"] is empty or 'off'
-            if (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on')		// If link is http
-            {
-                $newurl=preg_replace('/^http:/i','https:',DOL_MAIN_URL_ROOT).$_SERVER["REQUEST_URI"];
-            }
+            $newurl=preg_replace('/^http:/i','https:',DOL_MAIN_URL_ROOT).$_SERVER["REQUEST_URI"];
        }
    }
    else
    {
        // Check HTTPS environment variable (Apache/mod_ssl only)
-        // $_SERVER["HTTPS"] is 'on' when link is https, otherwise $_SERVER["HTTPS"] is empty or 'off'
-        if (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on')		// If link is http
-        {
-            $newurl=$conf->file->main_force_https.$_SERVER["REQUEST_URI"];
-        }
+        $newurl=$conf->file->main_force_https.$_SERVER["REQUEST_URI"];
    }
    // Start redirect
    if ($newurl)