Avoid an infinite redirect in $wgSecureLogin handling

If, for some reason, (e.g. https://gerrit.wikimedia.org/r/#/c/133205/ )
HTTPS requests are not recognised as such and WebRequest::getProtocol()
unconditionally returns "http", use the fromhttp parameter to avoid an
infinite redirect loop.

Change-Id: Iefbf679ef995f5e347e2b9c3f1f5a5b22055e107

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index b049975..27fecca 100644 (file)
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -193,7 +193,10 @@ class LoginForm extends SpecialPage {
                                'title' => null,
                        ) + $this->mRequest->getQueryValues();
                        $url = $title->getFullURL( $query, false, PROTO_HTTPS );
-                       if ( $wgSecureLogin && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) ) {
+                       if ( $wgSecureLogin
+                               && wfCanIPUseHTTPS( $this->getRequest()->getIP() )
+                               && !$this->mFromHTTP ) // Avoid infinite redirect
+                       {
                                $url = wfAppendQuery( $url, 'fromhttp=1' );
                                $this->getOutput()->redirect( $url );
                                // Since we only do this redir to change proto, always vary