Merge pull request #3265 from michalsn/fix/use_request_headers

Check server headers via Request class
2025-02-20 11:44:28 +08:00 · 2020-07-12 08:07:02 +02:00 · 2020-07-12 08:07:02 +02:00 · 6cf6c8b473
commit 6cf6c8b473
parent 5d0b3cde9e 850ee9b1e9
2 changed files with 6 additions and 7 deletions
--- a/system/HTTP/IncomingRequest.php
+++ b/system/HTTP/IncomingRequest.php
@ -294,8 +294,7 @@ class IncomingRequest extends Request
 	 */
 	public function isAJAX(): bool
 	{
-		return ( ! empty($_SERVER['HTTP_X_REQUESTED_WITH']) &&
-				strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest');
+		return $this->hasHeader('X-Requested-With') && strtolower($this->getHeader('X-Requested-With')->getValue()) === 'xmlhttprequest';
 	}

 	//--------------------------------------------------------------------
@ -312,11 +311,11 @@ class IncomingRequest extends Request
 		{
 			return true;
 		}
-		elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
+		elseif ($this->hasHeader('X-Forwarded-Proto') && $this->getHeader('X-Forwarded-Proto')->getValue() === 'https')
 		{
 			return true;
 		}
-		elseif (! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
+		elseif ($this->hasHeader('Front-End-Https') && ! empty($this->getHeader('Front-End-Https')->getValue()) && strtolower($this->getHeader('Front-End-Https')->getValue()) !== 'off')
 		{
 			return true;
 		}
--- a/tests/system/HTTP/IncomingRequestTest.php
+++ b/tests/system/HTTP/IncomingRequestTest.php
@ -326,7 +326,7 @@ class IncomingRequestTest extends \CodeIgniter\Test\CIUnitTestCase

 	public function testIsAJAX()
 	{
-		$_SERVER['HTTP_X_REQUESTED_WITH'] = 'xmlhttprequest';
+		$this->request->appendHeader('X-Requested-With', 'XMLHttpRequest');
 		$this->assertTrue($this->request->isAJAX());
 	}

@ -340,13 +340,13 @@ class IncomingRequestTest extends \CodeIgniter\Test\CIUnitTestCase

 	public function testIsSecureFrontEnd()
 	{
-		$_SERVER['HTTP_FRONT_END_HTTPS'] = 'on';
+		$this->request->appendHeader('Front-End-Https', 'on');
 		$this->assertTrue($this->request->isSecure());
 	}

 	public function testIsSecureForwarded()
 	{
-		$_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
+		$this->request->appendHeader('X-Forwarded-Proto', 'https');
 		$this->assertTrue($this->request->isSecure());
 	}