Hello!
is there any way we can learn that the doma...
# luceew
waleedehsan1
03/21/2022, 10:47 AMHello!
is there any way we can learn that the domain is SSL enable (https) in the Application.cfc?
Copy code
<cfset protocol = 'http' />
<cfif any cgi or server scope variable tell us ssl is enable >
<cfset protocol = 'https' />
</cfif>b
bhartsfield
03/21/2022, 11:53 AMcgi.https == "on" ? "https: : "http"
w
waleedehsan1
03/21/2022, 6:58 PMmessage has been deleted
waleedehsan1
03/21/2022, 6:58 PMthe domain is HTTPS but still cgi.https value is off :(
b
bhartsfield
03/21/2022, 7:01 PMI'd look into why that is... but you could use a different cgi var too.
cgi.request_url.listFirst( ":" )
b
bdw429s
03/21/2022, 7:14 PM@waleedehsan1 There's a good chance you're fronting your CF server with a proxy, firewall, or load balancer that terminates the SSL traffic and then proxies the request via HTTP to the back end web CF server.
bdw429s
03/21/2022, 7:14 PMIn this case, it's necessary for you to ensure your proxy passes along the correct HTTP headers to the back end
bdw429s
03/21/2022, 7:15 PMHere is the method the ColdBox framework uses
Copy code
/**
* Are we in SSL or not? This method looks at CGI.SERVER_PORT_SECURE for indication
*/
boolean function isSSL(){
if ( isBoolean( CGI.SERVER_PORT_SECURE ) AND CGI.SERVER_PORT_SECURE ) {
return true;
}
// Add typical proxy headers for SSL
if ( getHTTPHeader( "x-forwarded-proto", "http" ) eq "https" ) {
return true;
}
if ( getHTTPHeader( "x-scheme", "http" ) eq "https" ) {
return true;
}
// CGI.HTTPS
if ( CGI.keyExists( "HTTPS" ) and CGI.HTTPS eq "on" ) {
return true;
}
return false;
}bdw429s
03/21/2022, 7:15 PMCheck and see if those HTTP headers are set in your case. You may just need to expand where you're looking.
w
waleedehsan1
03/21/2022, 7:15 PMAs I know client is using services of cloudflare
b
bdw429s
03/21/2022, 7:16 PMusing services of cloudflareCloudflare does offer the feature of SSL termination, but that doesn't necessarily tell us if your client is using it.