From 1218f38a300f6acbed1e061bd2beaeccb34bedf6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20Pe=CC=81rez=20Crespo?= <jaime.perez@uninett.no>
Date: Mon, 16 Oct 2017 10:26:34 +0200
Subject: [PATCH] Do not add default ports to self URL when guessing it.

When we are invoked from an outside application, SimpleSAMLphp cannot use 'baseurlpath' and in that case it tries to guess the current URL. The port was always added, even if the default port was used, leading to possible issues when comparing URLs that should actually be equivalent.

This resolves #696.
---
 lib/SimpleSAML/Utils/HTTP.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index fd01223d7..9568d74af 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -780,12 +780,14 @@ class HTTP
              * It doesn't matter which one of those cases we have. We just know we can't apply our base URL to the
              * current URI, so we need to build it back from the PHP environment.
              */
+            $https = self::getServerHTTPS();
             $protocol = 'http';
-            $protocol .= (self::getServerHTTPS()) ? 's' : '';
+            $protocol .= $https ? 's' : '';
             $protocol .= '://';
 
             $hostname = self::getServerHost();
             $port = self::getServerPort();
+            $port = ($https && $port !== ':443') || (!$https && $port !== ':80') ? $port : '';
             return $protocol.$hostname.$port.$_SERVER['REQUEST_URI'];
         }
 
-- 
GitLab