# lucee

waleedehsan1

03/21/2022, 10:47 AM
Hello! Is there any way we can learn that the domain is SSL enabled (https) in the Application.cfc?
<cfset protocol = 'http' />
<cfif any cgi or server scope variable tell us ssl is enable >
    <cfset protocol = 'https' />
</cfif>

bhartsfield

03/21/2022, 11:53 AM
cgi.https == "on" ? "https" : "http"

waleedehsan1

03/21/2022, 6:58 PM
the domain is HTTPS but still cgi.https value is off :(

bhartsfield

03/21/2022, 7:01 PM
I'd look into why that is... but you could use a different cgi var too. cgi.request_url.listFirst( ":" )

bdw429s

03/21/2022, 7:14 PM
@waleedehsan1 There's a good chance you're fronting your CF server with a proxy, firewall, or load balancer that terminates the SSL traffic and then proxies the request via HTTP to the back end web CF server.
In this case, it's necessary for you to ensure your proxy passes along the correct HTTP headers to the back end
Here is the method the ColdBox framework uses
/**
 * Are we in SSL or not? This method looks at CGI.SERVER_PORT_SECURE for indication
 */
boolean function isSSL(){
	if ( isBoolean( CGI.SERVER_PORT_SECURE ) AND CGI.SERVER_PORT_SECURE ) {
		return true;
	}
	// Add typical proxy headers for SSL
	if ( getHTTPHeader( "x-forwarded-proto", "http" ) eq "https" ) {
		return true;
	}
	if ( getHTTPHeader( "x-scheme", "http" ) eq "https" ) {
		return true;
	}
	// CGI.HTTPS
	if ( CGI.keyExists( "HTTPS" ) and CGI.HTTPS eq "on" ) {
		return true;
	}
	return false;
}
Check and see if those HTTP headers are set in your case. You may just need to expand where you're looking.

waleedehsan1

03/21/2022, 7:15 PM
As far as I know, the client is using services of cloudflare

bdw429s

03/21/2022, 7:16 PM
using services of cloudflare
Cloudflare does offer the feature of SSL termination, but that doesn't necessarily tell us if your client is using it.