From 61af45e8722f06527517826418ecbfbd4de5ccc7 Mon Sep 17 00:00:00 2001
From: Patrick Baus <patrick.baus@physik.tu-darmstadt.de>
Date: Thu, 11 Aug 2016 02:45:18 +0200
Subject: [PATCH] Enabled HTTP_X_FORWARDED_PROTO header detection. It was
 disabled for testing.

---
 htdocs/login_form.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/login_form.php b/htdocs/login_form.php
index 37f0e38..6add50d 100644
--- a/htdocs/login_form.php
+++ b/htdocs/login_form.php
@@ -25,7 +25,7 @@ if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on') {
 # Check if a proxy server downstream does encryption for us
 elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && strtolower($_SERVER['HTTP_X_FORWARDED_PROTO']) == 'https' || !empty($_SERVER['HTTP_X_FORWARDED_SSL']) && strtolower($_SERVER['HTTP_X_FORWARDED_SSL'])
 == 'on') {
-        $isHTTPS = false;
+        $isHTTPS = true;
 }
 
 if (!$isHTTPS) {