Get user intended scheme

  • Gulshan Kumar

    (@thegulshankumar)


    3 years, 2 months ago

    Suppose, I am an ultra-noob user who recently started using CF just for Flexible SSL, do not know about updating http to https in General setting.

    I started setting up this plugin, later I came to know my page rule uses http:// instead of https:// to avoid this case… how about focusing user-intent than General Settings?

    /**
  *
  * #1. We may not rely on URL of WordPress General Settings
  * ----------------------------------------------------------------
  *
  * 	Case 1: Some beginner using Flexible SSL
  *     may have http:// not https:// in the settings
  *     to avoid instant redirect-loop or by mistake ignored.
  *
  *
  *     While maintaning HTTPS and avoiding Redirect Loop is possible
  *
  *  if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false) $_SERVER['HTTPS']='on'; 
  *
  *     But we dont know about a user site condition.
  * 
  * 	Case 2: At RC, after one-click WP installation and cert installation...
  *
  * 	It does not automatically force HTTPS in General settings nor hint.
  *     So, It's easy to forget and assume everything is set.
  *      
  *
  * #2. Well, I cannot recommend $_SERVER[REQUEST_SCHEME] due prev ver OLS
  * ----------------------------------------------------------------------
  *
  * 	OLS < 1.5.11 which comes at one-click installer in DO doesn't support it.
  * 	https://openlitespeed.org/release-log/legacy-releases/
  * 	
  * 
  *  ============ SOLUTION ============
  *  If user can access WordPress over HTTPS, assume that 100% intent is HTTPS.
  *  That SCHEME can be used in the Page Rule which set Cache Level: Everything
  * 
  *
  * 
 */ 
	
	function get_request_scheme() {

		if ( isset( $_SERVER['REQUEST_SCHEME'] ) && ( $_SERVER['REQUEST_SCHEME'] == 'https' )) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_X_PROTO'] ) && ( $_SERVER['HTTP_X_PROTO'] == 'SSL' ) ) {
			return 'https';
		}

		if ( isset( $_SERVER['SERVER_PORT'] ) && ( $_SERVER['SERVER_PORT'] == '443' ) ) {
			return 'https';
		}

		if ( isset( $_SERVER['HTTPS'] ) && ( strtolower($_SERVER['HTTPS']) == 'on' || $_SERVER['HTTPS'] == '1' ) ) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_X_FORWARDED_SSL'] ) && ( $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on' ) ) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_X_FORWARDED_SSL'] ) && ( $_SERVER['HTTP_X_FORWARDED_SSL'] == '1' ) ) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_X_PROTO'] ) && ( $_SERVER['HTTP_X_PROTO'] == 'SSL' ) ) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_CF_VISITOR'] ) && ( strpos( $_SERVER['HTTP_CF_VISITOR'], 'https' ) !== false ) ) {
			return 'https';
		}

		if ( !empty( $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] ) && ( $_SERVER['HTTP_CLOUDFRONT_FORWARDED_PROTO'] == 'https' ) ) {
			return 'https';
		}

		if ( isset( $_ENV['HTTPS'] ) && ( $_ENV['HTTPS'] == 'on') ) {
			return 'https';
		}

		return "http";
	}
Viewing 2 replies - 1 through 2 (of 2 total)
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Get user intended scheme’ is closed to new replies.