We have a piwik server installed behind a reverse proxy (https-to-http) and I want to use the force_ssl option. The proxy sets a HTTP header (HTTP_SESSION_ID_TAG) if the client came in through a SSL connection. Therefore I had to patch Url.php:
static public function getCurrentScheme()
{
try {
$config = Zend_Registry::get('config');
} catch(Exception $e) {
$config = false;
}
$assume_secure_protocol = $config !== false && $config->General->assume_secure_protocol;
$has_proxy_ssl_header = isset($_SERVER['HTTP_SESSION_ID_TAG']) && !empty($_SERVER['HTTP_SESSION_ID_TAG']);
$has_https = isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] === true);
if($assume_secure_protocol || $has_proxy_ssl_header || $has_https)
{
return 'https';
}
return 'http';
}
It would be nice to have a config option for this header field. I imagine something like this:
[General]
proxy_ssl_header = HTTP_SESSION_ID_TAG
If the proxy_ssl_header option is set Piwik should use this header field to decide if HTTP or HTTPS was used.
Best regards,
Paul