From: Tim Starling <tstarling@wikimedia.org>
Date: Wed, 14 May 2014 03:49:26 +0000 (+1000)
Subject: Avoid an infinite redirect in $wgSecureLogin handling
X-Git-Tag: 1.31.0-rc.0~15713^2
X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=commitdiff_plain;h=63525284c6f8c45e70a35979e3ba798592c1034b

Avoid an infinite redirect in $wgSecureLogin handling

If, for some reason, (e.g. https://gerrit.wikimedia.org/r/#/c/133205/ )
HTTPS requests are not recognised as such and WebRequest::getProtocol()
unconditionally returns "http", use the fromhttp parameter to avoid an
infinite redirect loop.

Change-Id: Iefbf679ef995f5e347e2b9c3f1f5a5b22055e107
---

diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php
index b049975e3e..27fecca872 100644
--- a/includes/specials/SpecialUserlogin.php
+++ b/includes/specials/SpecialUserlogin.php
@@ -193,7 +193,10 @@ class LoginForm extends SpecialPage {
 				'title' => null,
 			) + $this->mRequest->getQueryValues();
 			$url = $title->getFullURL( $query, false, PROTO_HTTPS );
-			if ( $wgSecureLogin && wfCanIPUseHTTPS( $this->getRequest()->getIP() ) ) {
+			if ( $wgSecureLogin
+				&& wfCanIPUseHTTPS( $this->getRequest()->getIP() )
+				&& !$this->mFromHTTP ) // Avoid infinite redirect
+			{
 				$url = wfAppendQuery( $url, 'fromhttp=1' );
 				$this->getOutput()->redirect( $url );
 				// Since we only do this redir to change proto, always vary