堆栈内存溢出
  简体   繁体   English

在PHP中检测HTTPS请求

[英]Detecting HTTPS requests in PHP

 原文  2009-01-16 23:10:37       php/ apache/ https

问题描述

The problem that I am having has to do with the need to keep some urls of a website protected by HTTPS and the rest kicked to HTTP. 我遇到的问题与需要保留一些受HTTPS保护的网站的网址有关,而其余部分则被踢到HTTP。

Normally, you have $_SERVER['HTTP_HTTPS'] or $_SERVER['HTTPS'] (depending on your flavor of Apache). 通常,您有$_SERVER['HTTP_HTTPS']$_SERVER['HTTPS'] (取决于您的Apache风格)。 You also can check the port - it's 80 for normal traffic and 443 for HTTPS. 您还可以检查端口 - 正常流量为80,HTTPS为443。

My problem is that the certificate sits on the loadbalancer , and all these variables are unavailable, and the webserver sees http://www.foo.com on port 80. One way to fix this is to tell the loadbalancer to send the traffic on a different port, but I wonder if there are other ways to detect HTTPS coming from the load balancer? 我的问题是证书位于负载均衡器上 ,并且所有这些变量都不可用,并且网络服务器在端口80上看到http://www.foo.com 。解决此问题的一种方法是告诉负载均衡器发送流量一个不同的端口,但我想知道是否有其他方法来检测来自负载均衡器的HTTPS?

3 个解决方案

解决方案1
 41  2012-01-27 10:26:59

If anybody has the same issue behind an Amazon AWS Elastic Load Balancer, the solution is simple because the $_SERVER variable will include: 如果任何人在Amazon AWS Elastic Load Balancer背后有相同的问题,解决方案很简单,因为$_SERVER变量将包括: 

[HTTP_X_FORWARDED_PORT] => 443
[HTTP_X_FORWARDED_PROTO] => https

So, to get the protocol, you could use: 因此,要获得协议,您可以使用: 

function getRequestProtocol() {
    if(!empty($_SERVER['HTTP_X_FORWARDED_PROTO']))
        return $_SERVER['HTTP_X_FORWARDED_PROTO'];
    else 
        return !empty($_SERVER['HTTPS']) ? "https" : "http";
}

解决方案2
 14 已采纳  2009-01-16 23:23:23

If the load balancer is the other end of the SSL connection, you cannot get any more info than the load balancer explicitly provides. 如果负载均衡器是SSL连接的另一端,则无法获得比负载均衡器明确提供的更多信息。 I would go for adding a http header, it may already be doing that, dump all the HTTP headers and look. 我会去添加一个http标头,它可能已经这样做,转储所有HTTP标头并查看。

As another solution, you can do the redirection on the load balancer based on URL. 作为另一种解决方案,您可以基于URL在负载均衡器上执行重定向。

解决方案3
 2  2014-03-26 11:04:48

$ _SERVER ['HTTP_X_FORWARDED_PROTO']似乎是joomla用户的一个很好的解决方案,因为如果你的loadbalancer进行了重定向并且你将force_ssl设置为1或2,那么你将以无限循环结束,因为joomla总是看到http:

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用于https请求的PHP代理 - PHP Proxy for https requests 如何在PHP中生成Https请求 - How to make Https Requests in PHP HTTPS请求PHP / ZF 1.11 - HTTPS requests PHP/ ZF 1.11 PHP-检测HTTPS协议的一些问题 - PHP - some proplems on detecting HTTPS Protocol PHP有效设置HTTPS请求的读取超时 - Php efficiently set read timeout on HTTPS requests 无法使用php和curl通过代理发出https请求 - Unable to make https requests via proxy using,php and curl php执行请求https链接的python失败 - php to execute python which requests to a https link fails 带有curl或file_get_contents的HTTPS请求导致php崩溃 - HTTPS requests with curl or file_get_contents cause php crashes PHP:在多个请求中保持API连接到API - PHP: Keep HTTPS Connection to API open throughout multiple requests Tinyproxy和https请求 - Tinyproxy and https requests
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM