Merge pull request #3363 from zyhfish/bug/ssl-offloading-issue

ssl offloading need to check the header value as well.

DNN Platform/HttpModules/UrlRewrite/BasicUrlRewriter.cs

@@ -321,7 +321,7 @@ internal override void RewriteUrl(object sender, EventArgs e)
                     {
                         //if page is secure and connection is not secure orelse ssloffload is enabled and server value exists
                         if ((portalSettings.ActiveTab.IsSecure && !request.IsSecureConnection) &&
-                            (IsSSLOffloadEnabled(request) == false))
+                            (UrlUtils.IsSslOffloadEnabled(request) == false))
                         {
                             //switch to secure connection
                             strURL = requestedPath.Replace("http://", "https://");
@@ -793,23 +793,6 @@ private void RewriteUrl(HttpApplication app, out string portalAlias)
             }
         }
 
-
-        private bool IsSSLOffloadEnabled(HttpRequest request)
-        {
-            string ssloffloadheader = HostController.Instance.GetString("SSLOffloadHeader", "");
-            //if the ssloffloadheader variable has been set check to see if a request header with that type exists
-            if (!string.IsNullOrEmpty(ssloffloadheader))
-            {
-                string ssloffload = request.Headers[ssloffloadheader];
-                if (!string.IsNullOrEmpty(ssloffload))
-                {
-                    return true;
-                }
-                return false;
-            }
-            return false;
-        }
-
         #endregion
     }
 }

DNN Platform/Library/Common/Utilities/UrlUtils.cs

@@ -177,39 +177,28 @@ public static string[] GetQSParamsForNavigateURL()
         /// <returns>true if HTTPS or if HTTP with an SSL offload header value, false otherwise</returns>
         public static bool IsSecureConnectionOrSslOffload(HttpRequest request)
         {
-            var isRequestSSLOffloaded = IsRequestSSLOffloaded(request);
-            if (request.IsSecureConnection || isRequestSSLOffloaded)
-            {
-                return true;
-            }
-            string ssloffloadheader = HostController.Instance.GetString("SSLOffloadHeader", "");
+            return request.IsSecureConnection || IsSslOffloadEnabled(request);
+        }
+
+        public static bool IsSslOffloadEnabled(HttpRequest request)
+        {
+            var ssloffloadheader = HostController.Instance.GetString("SSLOffloadHeader", "");
+
             //if the ssloffloadheader variable has been set check to see if a request header with that type exists
             if (!string.IsNullOrEmpty(ssloffloadheader))
             {
-                string ssloffload = request.Headers[ssloffloadheader];
-                if (!string.IsNullOrEmpty(ssloffload))
+                var ssloffloadValue = string.Empty;
+                if (ssloffloadheader.Contains(":"))
                 {
-                    PortalSettings portalSettings = PortalController.Instance.GetCurrentPortalSettings();
-                    if (portalSettings.ActiveTab.IsSecure)
-                    {
-                        return true;
-                    }
-
+                    var settingParts = ssloffloadheader.Split(':');
+                    ssloffloadheader = settingParts[0];
+                    ssloffloadValue = settingParts[1];
                 }
-            }
-            return false;
-        }
 
-        private static bool IsRequestSSLOffloaded(HttpRequest request)
-        {
-            var sslOffLoadHeader = HostController.Instance.GetString("SSLOffloadHeader", "");
-
-            if (!string.IsNullOrEmpty(sslOffLoadHeader))
-            {
-                string ssloffload = request.Headers[sslOffLoadHeader];
-                if (!string.IsNullOrEmpty(ssloffload))
+                string ssloffload = request.Headers[ssloffloadheader];
+                if (!string.IsNullOrEmpty(ssloffload) && (string.IsNullOrWhiteSpace(ssloffloadValue) || ssloffloadValue == ssloffload))
                 {
-                    return true;
+                        return true;
                 }
             }
             return false;

DNN Platform/Library/Entities/Urls/AdvancedUrlRewriter.cs

@@ -113,7 +113,7 @@ internal override void RewriteUrl(object sender, EventArgs e)
                 var result = new UrlAction(request)
                                         {
                                             IsSecureConnection = request.IsSecureConnection,
-                                            IsSSLOffloaded = IsSSLOffloadEnabled(request),
+                                            IsSSLOffloaded = UrlUtils.IsSslOffloadEnabled(request),
                                             RawUrl = request.RawUrl
                                         };
                 ProcessRequest(app.Context,
@@ -1651,22 +1651,6 @@ private string ReplaceDomainName(string url, string replaceDomain, string withDo
             return url;
         }
 
-        private bool IsSSLOffloadEnabled(HttpRequest request)
-        {
-            var ssloffloadheader = HostController.Instance.GetString("SSLOffloadHeader");
-            //if the ssloffloadheader variable has been set check to see if a request header with that type exists
-            if (!string.IsNullOrEmpty(ssloffloadheader) && request != null)
-            {
-                string ssloffload = request.Headers[ssloffloadheader];
-                if (!string.IsNullOrEmpty(ssloffload))
-                {
-                    return true;
-                }
-                return false;
-            }
-            return false;
-        }
-
         protected bool IsPortalAliasIncorrect(HttpContext context, 
                                                     HttpRequest request, 
                                                     Uri requestUri,