From e97c9674e98e173d1e16eece9d7d19da2acc3fe0 Mon Sep 17 00:00:00 2001
From: Jan Losinski <losinski@wh2.tu-dresden.de>
Date: Thu, 13 Apr 2017 02:26:32 +0200
Subject: [PATCH] Convert array keys for $_SERVER to uppercase

It seems to be the case, that array indicies in $_SERVER are always
uppercase. Sadly I could not find any documentation of this but at
least with mod_php it is the case. Also a extensive search on github
projects seems to support this thesis.

On my installation the 'X-FORWARDED-PROTO' is even then uppercase when
its mixed case in the Header provided by the reverse proxy.

Signed-off-by: Jan Losinski <losinski@wh2.tu-dresden.de>
---
 htdocs/always.php | 16 ++++++++--------
 inc/always.php.in | 16 ++++++++--------
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/htdocs/always.php b/htdocs/always.php
index 9e817023..fb5f1bcb 100644
--- a/htdocs/always.php
+++ b/htdocs/always.php
@@ -184,20 +184,20 @@ ob_end_clean();
 * Override server-detected variables with those from X-Forwarded headers
 */
 if ( isset($c->trust_x_forwarded) && $c->trust_x_forwarded ) {
-  if ( isset($_SERVER['X-Real-IP']) ) {
-    $_SERVER['REMOTE_ADDR'] = $_SERVER['X-Real-IP'];
-  } elseif ( isset($_SERVER['X-Forwarded-For']) ) {
-    list($_SERVER['REMOTE_ADDR'], $rest) = explode( ',', $_SERVER['X-Forwarded-For']);
+  if ( isset($_SERVER['HTTP_X_REAL_IP']) ) {
+    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
+  } elseif ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) ) {
+    list($_SERVER['REMOTE_ADDR'], $rest) = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR']);
   }
-  if ( isset($_SERVER['X-Forwarded-Proto']) ) {
-    if ($_SERVER['X-Forwarded-Proto'] == 'https') {
+  if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) ) {
+    if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
       $_SERVER['HTTPS'] = 'on';
     } else {
       $_SERVER['HTTPS'] = 'off';
     }
   }
-  if ( isset($_SERVER['X-Forwarded-Port']) ) {
-    $_SERVER['SERVER_PORT'] = $_SERVER['X-Forwarded-Port'];
+  if ( isset($_SERVER['HTTP_X_FORWARDED_PORT']) ) {
+    $_SERVER['SERVER_PORT'] = $_SERVER['HTTP_X_FORWARDED_PORT'];
   }
 }
 
diff --git a/inc/always.php.in b/inc/always.php.in
index b30fe6bd..7ac1a80c 100644
--- a/inc/always.php.in
+++ b/inc/always.php.in
@@ -184,20 +184,20 @@ ob_end_clean();
 * Override server-detected variables with those from X-Forwarded headers
 */
 if ( isset($c->trust_x_forwarded) && $c->trust_x_forwarded ) {
-  if ( isset($_SERVER['X-Real-IP']) ) {
-    $_SERVER['REMOTE_ADDR'] = $_SERVER['X-Real-IP'];
-  } elseif ( isset($_SERVER['X-Forwarded-For']) ) {
-    list($_SERVER['REMOTE_ADDR'], $rest) = explode( ',', $_SERVER['X-Forwarded-For']);
+  if ( isset($_SERVER['HTTP_X_REAL_IP']) ) {
+    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
+  } elseif ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) ) {
+    list($_SERVER['REMOTE_ADDR'], $rest) = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR']);
   }
-  if ( isset($_SERVER['X-Forwarded-Proto']) ) {
-    if ($_SERVER['X-Forwarded-Proto'] == 'https') {
+  if ( isset($_SERVER['HTTP_X_FORWARDED_PROTO']) ) {
+    if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
       $_SERVER['HTTPS'] = 'on';
     } else {
       $_SERVER['HTTPS'] = 'off';
     }
   }
-  if ( isset($_SERVER['X-Forwarded-Port']) ) {
-    $_SERVER['SERVER_PORT'] = $_SERVER['X-Forwarded-Port'];
+  if ( isset($_SERVER['HTTP_X_FORWARDED_PORT']) ) {
+    $_SERVER['SERVER_PORT'] = $_SERVER['HTTP_X_FORWARDED_PORT'];
   }
 }