From 5d425a9f799bf385d686d4f08f571509123899f6 Mon Sep 17 00:00:00 2001
From: Frank Karlitschek <frank@owncloud.org>
Date: Thu, 31 May 2012 20:16:44 +0200
Subject: [PATCH] use our own serverHost call so that ownCloud works with
 reverse proxy servers

---
 apps/files_sharing/ajax/email.php | 6 +++---
 apps/user_openid/phpmyid.php      | 2 +-
 apps/user_openid/user_openid.php  | 4 ++--
 core/lostpassword/index.php       | 2 +-
 lib/base.php                      | 8 +++++---
 lib/ocs.php                       | 4 ++--
 ocs/providers.php                 | 2 +-
 7 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/apps/files_sharing/ajax/email.php b/apps/files_sharing/ajax/email.php
index 163683cd0e..bdfa369418 100644
--- a/apps/files_sharing/ajax/email.php
+++ b/apps/files_sharing/ajax/email.php
@@ -7,7 +7,7 @@ $type = (strpos($_POST['file'], '.') === false) ? 'folder' : 'file';
 $subject = $user.' shared a '.$type.' with you';
 $link = $_POST['link'];
 $text = $user.' shared the '.$type.' '.$_POST['file'].' with you. It is available for download here: '.$link;
-$fromaddress = OCP\Config::getUserValue($user, 'settings', 'email', 'sharing-noreply@'.$_SERVER['HTTP_HOST']);
-OC_Mail::send($_POST['toaddress'], $_POST['toaddress'], $subject, $text, $fromaddress, $user);
+$fromaddress = OCP\Config::getUserValue($user, 'settings', 'email', 'sharing-noreply@'.OCP\Util::getServerHost());
+OCP\Util::sendMail($_POST['toaddress'], $_POST['toaddress'], $subject, $text, $fromaddress, $user);
 
-?>
\ No newline at end of file
+?>
diff --git a/apps/user_openid/phpmyid.php b/apps/user_openid/phpmyid.php
index 137daa485a..5aaab64285 100644
--- a/apps/user_openid/phpmyid.php
+++ b/apps/user_openid/phpmyid.php
@@ -1624,7 +1624,7 @@ if (! array_key_exists('idp_url', $profile))
 //Determine the requested URL - DO NOT OVERRIDE
 $profile['req_url'] = sprintf("%s://%s%s",
 		      $proto,
-		      $_SERVER['HTTP_HOST'],
+		      OCP\Util::getServerHost(),
 // 		      $port,//host  already includes the path
 		      $_SERVER["REQUEST_URI"]);
 
diff --git a/apps/user_openid/user_openid.php b/apps/user_openid/user_openid.php
index 8deb42f68c..3267db3fa0 100644
--- a/apps/user_openid/user_openid.php
+++ b/apps/user_openid/user_openid.php
@@ -39,9 +39,9 @@ class OC_USER_OPENID extends OC_User_Backend {
 		// Get identity from user and redirect browser to OpenID Server
 		$openid = new SimpleOpenID;
 		$openid->SetIdentity($uid);
-		$openid->SetTrustRoot('http://' . $_SERVER["HTTP_HOST"]);
+		$openid->SetTrustRoot('http://' . OCP\Util::getServerHost());
 		if ($openid->GetOpenIDServer()){
-			$openid->SetApprovedURL('http://' . $_SERVER["HTTP_HOST"] . OC::$WEBROOT);      // Send Response from OpenID server to this script
+			$openid->SetApprovedURL('http://' . OCP\Util::getServerHost() . OC::$WEBROOT);      // Send Response from OpenID server to this script
 			$openid->Redirect();     // This will redirect user to OpenID Server
 			exit;
 		}else{
diff --git a/core/lostpassword/index.php b/core/lostpassword/index.php
index 2b87a1eb11..db9f842380 100644
--- a/core/lostpassword/index.php
+++ b/core/lostpassword/index.php
@@ -22,7 +22,7 @@ if (isset($_POST['user'])) {
 			$tmpl->assign('link', $link);
 			$msg = $tmpl->fetchPage();
 			$l = OC_L10N::get('core');
-			$from = 'lostpassword-noreply@' . $_SERVER['HTTP_HOST'];
+			$from = 'lostpassword-noreply@' . OC_Helper::serverHost();
 			$r=mail($email, $l->t('Owncloud password reset'), $msg, 'From:' . $from);
 			OC_MAIL::send($email,$_POST['user'],$l->t('ownCloud password reset'),$msg,$from,'ownCloud');
 			echo('sent');
diff --git a/lib/base.php b/lib/base.php
index 30d302b391..b2ec38ffdb 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -211,9 +211,11 @@ class OC{
 		if( OC_Config::getValue( "forcessl", false )){
 			ini_set("session.cookie_secure", "on");
 			if(!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
-				$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
-				header("Location: $url");
-				exit();
+				if(!isset($_SERVER['HTTP_X_FORWARDED_PROTO']) or $_SERVER['HTTP_X_FORWARDED_PROTO']=='http') {
+					$url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
+					header("Location: $url");
+					exit();
+				}
 			}
 		}
 	}
diff --git a/lib/ocs.php b/lib/ocs.php
index 536ee754e8..aba29275a9 100644
--- a/lib/ocs.php
+++ b/lib/ocs.php
@@ -357,11 +357,11 @@ class OC_OCS {
    */
   private static function apiConfig($format) {
     $user=OC_OCS::checkpassword(false);
-    $url=substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';
+    $url=substr(OC_Helper::serverHost().$_SERVER['SCRIPT_NAME'],0,-11).'';
 
     $xml['version']='1.5';
     $xml['website']='ownCloud';
-    $xml['host']=$_SERVER['HTTP_HOST'];
+    $xml['host']=OC_Helper::serverHost();
     $xml['contact']='';
     $xml['ssl']='false';
     echo(OC_OCS::generatexml($format,'ok',100,'',$xml,'config','',1));
diff --git a/ocs/providers.php b/ocs/providers.php
index e1d6ef7ee1..0dad624058 100644
--- a/ocs/providers.php
+++ b/ocs/providers.php
@@ -23,7 +23,7 @@
 
 require_once('../lib/base.php');
 
-$url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'],0,-17).'ocs/v1.php/';
+$url='http://'.substr(OC_Helper::serverHost().$_SERVER['REQUEST_URI'],0,-17).'ocs/v1.php/';
 
 echo('
 <providers>
-- 
GitLab