[ltb-dev] [LDAP Tool Box - Bug #816] PHP receives incorrect SERVER_NAME when used behind SSL accelerator

noreply at lsc-project.org noreply at lsc-project.org
Thu Dec 10 08:43:58 CET 2015

Issue #816 has been updated by Clément OUDOT.

Category set to Self Service Password
Target version set to self-service-password-?

Bug #816: PHP receives incorrect SERVER_NAME when used behind SSL accelerator

Author: Karl Stevens
Status: New
Priority: Normal
Assigned to: 
Category: Self Service Password
Target version: self-service-password-?

Our web server is behind a HTTPS accelerator (HTTPS accelerator listens on public IP address, and forwards the unencrypted requests to the web server, which does not have a public IP address), and the code in sendtoken.php fails to guess the correct server URL (eg. instead of https://server.example.com/ssp/index.php, the URLs generated are http://192.168.x.y:80/ssp/index.php)

The attached diff is a quick hack to allow the server admin to specify the $reset_url manually in the config file.   I'm not sure if this is the 'correct' way to do it, but I don't know enough about PHP to do it any other way.  This works for us, I figured someone else might find it useful.  

You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://tools.lsc-project.org/my/account
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-dev/attachments/20151210/824d443e/attachment.htm>

More information about the ltb-dev mailing list