From 8dfb1b14c772da71bb6ce17b48588910c64af40b Mon Sep 17 00:00:00 2001
From: Daniel Rudolf <github.com@daniel-rudolf.de>
Date: Sun, 17 Apr 2016 02:44:41 +0200
Subject: [PATCH] Improve HTTPS detection with proxies

Fixes #344. Thanks @Robby-

Implementation details taken from Symfony 3.0.4, method \Symfony\Component\HttpFoundation\Request::isSecure(), see https://github.com/symfony/symfony/blob/v3.0.4/src/Symfony/Component/HttpFoundation/Request.php#L1169-L1192
---
 CHANGELOG.md | 1 +
 lib/Pico.php | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 020d155..a3ae6eb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@ Released: -
 * [Changed] Improve documentation
 * [Changed] Add CSS rules for definition lists to default theme
 * [Fixed] #342: Fix responsiveness in default theme
+* [Fixed] #344: Improve HTTPS detection with proxies
 ```
 
 ### Version 1.0.2
diff --git a/lib/Pico.php b/lib/Pico.php
index ffcd6b4..f566a06 100644
--- a/lib/Pico.php
+++ b/lib/Pico.php
@@ -1237,12 +1237,13 @@ class Pico
         }
 
         $protocol = 'http';
-        if (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] !== 'off')) {
+        if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+            $secureProxyHeader = strtolower(current(explode(',', $_SERVER['HTTP_X_FORWARDED_PROTO'])));
+            $protocol = in_array($secureProxyHeader, array('https', 'on', 'ssl', '1')) ? 'https' : 'http';
+        } elseif (!empty($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] !== 'off')) {
             $protocol = 'https';
         } elseif ($_SERVER['SERVER_PORT'] == 443) {
             $protocol = 'https';
-        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')) {
-            $protocol = 'https';
         }
 
         $this->config['base_url'] =