From 9ff35c28f32483975090273a310b0d84ced62874 Mon Sep 17 00:00:00 2001
From: daniel <daniel.barbero@artica.es>
Date: Fri, 12 Aug 2016 13:35:22 +0200
Subject: [PATCH] ticket integria: 3956 #22

---
 pandora_console/mobile/index.php | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/pandora_console/mobile/index.php b/pandora_console/mobile/index.php
index c9da43fb05..d457d600a8 100644
--- a/pandora_console/mobile/index.php
+++ b/pandora_console/mobile/index.php
@@ -41,6 +41,30 @@ require_once('operation/visualmap.php');
 $enterpriseHook = enterprise_include('mobile/include/enterprise.class.php');
 $enterpriseHook = enterprise_include('mobile/operation/home.php');
 
+if (!empty ($config["https"]) && empty ($_SERVER['HTTPS'])) {
+	$query = '';
+	if (sizeof ($_REQUEST))
+		//Some (old) browsers don't like the ?&key=var
+		$query .= 'mobile/index.php?1=1';
+	
+	//We don't clean these variables up as they're only being passed along
+	foreach ($_GET as $key => $value) {
+		if ($key == 1)
+			continue;
+		$query .= '&'.$key.'='.$value;
+	}
+	foreach ($_POST as $key => $value) {
+		$query .= '&'.$key.'='.$value;
+	}
+	$url = ui_get_full_url($query);
+	
+	// Prevent HTTP response splitting attacks
+	// http://en.wikipedia.org/wiki/HTTP_response_splitting
+	$url = str_replace ("\n", "", $url);
+	header ('Location: '.$url);
+	exit; //Always exit after sending location headers
+}
+
 $system = System::getInstance();
 
 require_once($system->getConfig('homedir').'/include/constants.php');