php4dvd icon indicating copy to clipboard operation
php4dvd copied to clipboard
Published 2 years ago verified publisher icon jreklund

Wrong baseurl when running behind proxy

Open tmakinen opened this issue 2 years ago • 3 comments

I have setup where php4dvd is running behing proxy. Looks like baseurl is set according to last hop so all assets (js, css, etc) are loaded from wrong URL. If i'm reading code correctly problem is here:

https://github.com/jreklund/php4dvd/blob/master/common.inc.php#L77

This should first check if header HTTP_X_FORWARDED_HOST is set and use that and only fallback to $_SERVER["HTTP_HOST"] if header is not set.

tmakinen avatar Aug 10 '23 13:08 tmakinen

That value should be statically set by the user instead of automatically trying to figure out the right one. Or it's better to just use relative URI and stop comparing it to the domain. 🤔

Will figure something out.

jreklund avatar Aug 13 '23 09:08 jreklund

Please check if this modified code works on your setup.

$baseurl = "/";
$Website->assign("baseurl", $baseurl);

// Current URL
$currentUrl = $baseurl . ltrim($_SERVER["REQUEST_URI"], "/");
$Website->assign("currentUrl", $currentUrl);

// Webroot
$basepath = $settings["url"]["base"];
if(strlen($basepath) > 0 && !preg_match("/\/$/", $basepath)) {
	$basepath .= "/";
}
$webroot = $baseurl . ltrim($basepath, "/");
$Website->assign("webroot", $webroot);

I also removed "base url" and "force the use of HTTPS" parts from this file as well.

jreklund avatar Aug 13 '23 10:08 jreklund

Yes this fixes errors. Just in case here is diff that i used:

--- common.inc.php.orig	2023-08-14 16:49:52.064423051 +0000
+++ common.inc.php	2023-08-14 16:50:33.635497024 +0000
@@ -53,32 +53,16 @@
 	}
 }
 
-// Base url
-$protocol = "http";
-if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) {
-	$protocol = "https";
-}
-if(isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
-	$protocol = "https";
-}
-
-// Force the use of HTTPS
-if(
-	isset($settings["url"]["HTTPS"]) && $settings["url"]["HTTPS"] && $protocol !== 'https'
-) {
-	header('Location: https://'. $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"], true, 301);
-	exit();
-}
 
 // Load smarty template parser
 require_once($loc . "lib/Website.class.php");
 $Website = new Website($settings);
 
-$baseurl = $protocol . "://" . $_SERVER["HTTP_HOST"];
+$baseurl = "/";
 $Website->assign("baseurl", $baseurl);
 
 // Current URL
-$currentUrl = $baseurl . $_SERVER["REQUEST_URI"];
+$currentUrl = $baseurl . ltrim($_SERVER["REQUEST_URI"], "/");
 $Website->assign("currentUrl", $currentUrl);
 
 // Webroot
@@ -86,7 +70,7 @@
 if(strlen($basepath) > 0 && !preg_match("/\/$/", $basepath)) {
 	$basepath .= "/";
 }
-$webroot = $baseurl . "/" . $basepath;
+$webroot = $baseurl . ltrim($basepath, "/");
 $Website->assign("webroot", $webroot);
 
 // Include util functions

tmakinen avatar Aug 14 '23 16:08 tmakinen