Hi there,
I have my Kirby running in an Apache Docker Container behind a NGINX Proxy (I use the Dokku setup). Sadly Kirby can’t see that the server is being accessed over HTTPS. I have a dump of the Kirby Environment.
array(10) {
["baseUrl"]=>
string(33) "http://www.example.de"
["host"]=>
string(26) "www.example.de"
["https"]=>
bool(false)
["info"]=>
array(82) {
["DOKKU_PROXY_PORT"]=>
string(2) "80"
["DOKKU_APP_TYPE"]=>
string(9) "herokuish"
["COMPOSER_NO_INTERACTION"]=>
string(1) "1"
["HOSTNAME"]=>
string(12) "97f711d680b4"
["DOKKU_PROXY_SSL_PORT"]=>
string(3) "443"
["HEROKU_APP_DIR"]=>
string(4) "/app"
["MEMORY_AVAILABLE"]=>
string(3) "512"
["CACHE_PATH"]=>
string(6) "/cache"
["HEROKUISH_VERSION"]=>
string(6) "0.5.36"
["HEROKU_PHP_HTTPD_CONFIG_INCLUDE"]=>
string(73) "/app/vendor/heroku/heroku-buildpack-php/conf/apache2/default_include.conf"
["DOCUMENT_ROOT"]=>
string(11) "/app/public"
["DOKKU_APP_RESTORE"]=>
string(1) "1"
["PWD"]=>
string(4) "/app"
["PORT"]=>
string(4) "5000"
["NODE_ENV"]=>
string(10) "production"
["NODE_HOME"]=>
string(17) "/app/.heroku/node"
["COMPOSER_VENDOR_DIR"]=>
string(6) "vendor"
["HOME"]=>
string(4) "/app"
["HEROKU_PHP_GRACEFUL_SIGTERM"]=>
string(1) "1"
["COMPOSER_PROCESS_TIMEOUT"]=>
string(1) "0"
["USER"]=>
string(13) "herokuishuser"
["COMPOSER_MIRROR_PATH_REPOS"]=>
string(1) "1"
["BUILDPACK_SSH_KEY"]=>
string(410) "***"
["SHLVL"]=>
string(1) "0"
["CURL_CONNECT_TIMEOUT"]=>
string(2) "90"
["CURL_TIMEOUT"]=>
string(3) "600"
["SELF_EXECUTABLE"]=>
string(18) "/usr/bin/herokuish"
["COMPOSER_BIN_DIR"]=>
string(10) "vendor/bin"
["WEB_MEMORY"]=>
string(3) "512"
["WEB_CONCURRENCY"]=>
string(1) "1"
["DOKKU_PROXY_PORT_MAP"]=>
string(27) "http:80:5000 https:443:5000"
["STACK"]=>
string(9) "heroku-20"
["DOKKU_LETSENCRYPT_EMAIL"]=>
string(22) "admin@jungesmusical.de"
["PATH"]=>
string(298) "/app/.heroku/node/bin:/app/.heroku/yarn/bin:/app/.heroku/bin:/app/.heroku/php/sbin:/app/.heroku/php/bin:/app/.heroku/php/bin:/app/.heroku/php/sbin:/app/.heroku/php/bin:/app/.heroku/php/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/app/vendor/bin:/app/bin:/app/node_modules/.bin"
["SELF"]=>
string(6) "/start"
["GIT_REV"]=>
string(40) "***"
["DYNO"]=>
string(5) "web.1"
["DEBIAN_FRONTEND"]=>
string(14) "noninteractive"
["BUILDPACK_GIT_LFS_REPO"]=>
string(55) "git@github.com:jungesmusical/jungesmusical.de-dokku.git"
["OLDPWD"]=>
string(1) "/"
["_"]=>
string(29) "/app/.heroku/php/sbin/php-fpm"
["SCRIPT_NAME"]=>
string(10) "/index.php"
["REQUEST_URI"]=>
string(1) "/"
["QUERY_STRING"]=>
string(0) ""
["REQUEST_METHOD"]=>
string(3) "GET"
["SERVER_PROTOCOL"]=>
string(8) "HTTP/1.1"
["GATEWAY_INTERFACE"]=>
string(7) "CGI/1.1"
["REMOTE_PORT"]=>
string(5) "59202"
["SCRIPT_FILENAME"]=>
string(21) "/app/public/index.php"
["SERVER_ADMIN"]=>
string(15) "you@example.com"
["CONTEXT_DOCUMENT_ROOT"]=>
string(11) "/app/public"
["CONTEXT_PREFIX"]=>
string(0) ""
["REQUEST_SCHEME"]=>
string(4) "http"
["REMOTE_ADDR"]=>
string(10) "172.17.0.1"
["SERVER_PORT"]=>
int(80)
["SERVER_ADDR"]=>
string(10) "172.17.0.5"
["SERVER_NAME"]=>
string(26) "www.example.de"
["SERVER_SOFTWARE"]=>
string(6) "Apache"
["SERVER_SIGNATURE"]=>
string(0) ""
["HTTP_COOKIE"]=>
string(153) "kirby_session=***"
}
}
In contrast to that I have dumped the Headers that are accessible to PHP:
array(20) {
["Cookie"]=>
string(153) "kirby_session=***"
["Accept-Language"]=>
string(53) "de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7,lb;q=0.6,la;q=0.5"
["Accept-Encoding"]=>
string(17) "gzip, deflate, br"
["Sec-Fetch-Dest"]=>
string(8) "document"
["Sec-Fetch-User"]=>
string(2) "?1"
["Sec-Fetch-Mode"]=>
string(8) "navigate"
["Sec-Fetch-Site"]=>
string(4) "none"
["Accept"]=>
string(135) "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"
["User-Agent"]=>
string(117) "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36"
["Upgrade-Insecure-Requests"]=>
string(1) "1"
["Sec-Ch-Ua-Platform"]=>
string(7) ""macOS""
["Sec-Ch-Ua-Mobile"]=>
string(2) "?0"
["Sec-Ch-Ua"]=>
string(66) ""Chromium";v="104", " Not A;Brand";v="99", "Google Chrome";v="104""
["Cache-Control"]=>
string(9) "max-age=0"
["X-Request-Start"]=>
string(14) "1661552534.563"
["X-Forwarded-Proto"]=>
string(5) "https"
["X-Forwarded-Port"]=>
int(443)
["X-Forwarded-For"]=>
string(11) "89.1.216.14"
["Host"]=>
string(26) "www.example.de"
["Authorization"]=>
string(18) "Basic ***"
}
Is there a way for Kirby to know the X-Forwarded-Proto
header? I also tried to set the ‘X-Forwarded-Ssl’ header which sadly didn’t work as well.