From 553a5a700de9d0bb9f8b2cb483fbee96e1548203 Mon Sep 17 00:00:00 2001
From: Frederic Guillot <fred@miniflux.net>
Date: Sun, 4 Jun 2017 17:45:56 -0400
Subject: [PATCH] Handle HTTP header "X-Forwarded-Proto: https"

---
 app/helpers/app.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/app/helpers/app.php b/app/helpers/app.php
index bb10d54..a10c5ef 100644
--- a/app/helpers/app.php
+++ b/app/helpers/app.php
@@ -44,7 +44,7 @@ function parse_app_version($refnames, $commithash)
 
 function get_current_base_url()
 {
-    if(BASE_URL) {
+    if (BASE_URL) {
         $url = BASE_URL;
         return rtrim($url, '/') . '/';
     } else {
@@ -54,6 +54,7 @@ function get_current_base_url()
         if (strpos($_SERVER['HTTP_HOST'], ':') === false) {
             $url .= $_SERVER['SERVER_PORT'] == 80 || $_SERVER['SERVER_PORT'] == 443 ? '' : ':'.$_SERVER['SERVER_PORT'];
         }
+
         $url .= str_replace('\\', '/', dirname($_SERVER['PHP_SELF'])) !== '/' ? str_replace('\\', '/', dirname($_SERVER['PHP_SELF'])).'/' : '/';
 
         return $url;
@@ -62,7 +63,7 @@ function get_current_base_url()
 
 function is_secure_connection()
 {
-    return ! empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
+    return (! empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || (! empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https');
 }
 
 function write_debug_file() {