https redirect

[frostschutz]

currently the redirect forces users to (not) use https depending on the bburl setting

there should be a setting to make it ignore https status so users can choose themselves whether they want to use https or not.

[frostschutz]

cloudflare seems to set

[HTTP_X_FORWARDED_PROTO] => https

while

[SERVER_PORT] => 80

etc.

This just doesn't work well. Maybe the redirect should just be relative whenever possible...

[frostschutz]

For cloudflare in particular there is also [HTTP_CF_VISITOR] => {"scheme":"https"}

[Thomas131]

This was just creating a redirect loop on my forum ... We just upgraded to use Caddy as a reverse Proxy.
For sure, the PHP-Script thinks that it is an http-Request, even though it is https from the outside ... I think $_SERVER["HTTP_X_FORWARDED_PROTO"] (if set) should be valued more than the internal https-status. I also think that this should be labeled as bug.