diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2015-02-24 09:25:51 +0000 |
|---|---|---|
| committer | Matthew Somerville <matthew@mysociety.org> | 2015-02-24 11:05:28 +0000 |
| commit | 6204281850c0a17840c3abeee6cf9b53f251d8a8 (patch) | |
| tree | c71e09b795750342de503943267baaf20e19e3ec /perllib | |
| parent | 032db2fbb6bd2bf0cf0cf2daa379610ab319a6a8 (diff) | |
Use config variable for setting proxy trust.
Rather than hardcoding domain names, add a SECURE_PROXY_SSL_HEADER
variable that provides a trusted HTTP header and value that can be used
to determine if we're behind a HTTPS proxy.
Diffstat (limited to 'perllib')
| -rw-r--r-- | perllib/FixMyStreet/App.pm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/perllib/FixMyStreet/App.pm b/perllib/FixMyStreet/App.pm index 769a6bb8f..2fff79cec 100644 --- a/perllib/FixMyStreet/App.pm +++ b/perllib/FixMyStreet/App.pm @@ -89,15 +89,15 @@ __PACKAGE__->config( # Start the application __PACKAGE__->setup(); -# Due to some current issues with proxyings, need to manually -# tell the code we're secure if we are. +# If your site is secure but running behind a proxy, you might need to set the +# SECURE_PROXY_SSL_HEADER configuration variable so this can be spotted. after 'prepare_headers' => sub { my $self = shift; my $base_url = $self->config->{BASE_URL}; + my $ssl_header = $self->config->{SECURE_PROXY_SSL_HEADER}; my $host = $self->req->headers->header('Host'); - $self->req->secure( 1 ) if $base_url eq 'https://www.zueriwieneu.ch'; - $self->req->secure( 1 ) if $base_url eq 'https://www.fixmystreet.com' - && ( $host eq 'fix.bromley.gov.uk' || $host eq 'www.fixmystreet.com' ); + $self->req->secure(1) if $ssl_header && ref $ssl_header eq 'ARRAY' + && @$ssl_header == 2 && $self->req->header($ssl_header->[0]) eq $ssl_header->[1]; }; # set up DB handle for old code |