Add the ability to detect HTTPS from web server env (!56) · Merge requests · LemonLDAP NG / lemonldap-ng

Maxime Besson requested to merge maxbes/lemonldap-ng:fix-redir into master Feb 01, 2019

This commit adds a new "Default" option for the global HTTPS setting. In this mode, the handler will refer to the HTTPS env variable to know if it's being accessed over HTTPS or not. An administrator is of course still free to force HTTPS by setting it either globally or per-VHost

Please not that for this change to work, I had to implement a little fix in Reload.pm, as mentioned in #1613 (closed). One the fix for #1613 (closed) is commited, I will rebase this MR

Also, I took the liberty of making -1 the default for the "https" global setting, I think it's what most people expect when naively setting up SSL on their lemonldap instances.

When using a https->http reverse proxy, however, a user would still need to force the value in the manager, unless they use some rewrite rules to update the HTTPS fastcgi variable from the X-Forwarded-Proto header.

Tested on Nginx and Apache

Add the ability to detect HTTPS from web server env

Merge request reports