From 1d620f3936cbef1b1cf2b284c7d0d7456c8df7cc Mon Sep 17 00:00:00 2001
From: Xuehan Xu <xuxuehan@qianxin.com>
Date: Wed, 7 May 2025 12:37:52 +0800
Subject: [PATCH] rgw/rgw_rest: determine the domain uri prefix by
 rgw_transport_is_secure

Instead of relying only on SERVER_PORT_SECURE.

This is useful when a proxy is used in front of the rgw for ssl
terminations.

Fixes: https://tracker.ceph.com/issues/71229
Signed-off-by: Xuehan Xu <xuxuehan@qianxin.com>
(cherry picked from commit 12154f287eb86c4dd48d7b6f02c725e858ff99ab)
---
 src/rgw/rgw_rest.h     | 3 +--
 src/rgw/rgw_rest_s3.cc | 4 ++--
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/rgw/rgw_rest.h b/src/rgw/rgw_rest.h
index a302257e428bc..098cb3a3dc47d 100644
--- a/src/rgw/rgw_rest.h
+++ b/src/rgw/rgw_rest.h
@@ -888,8 +888,7 @@ inline std::string compute_domain_uri(const req_state *s) {
   std::string uri = (!s->info.domain.empty()) ? s->info.domain :
     [&s]() -> std::string {
     RGWEnv const &env(*(s->info.env));
-    std::string uri =
-    env.get("SERVER_PORT_SECURE") ? "https://" : "http://";
+    std::string uri = rgw_transport_is_secure(s->cct, env) ? "https://" : "http://";
     if (env.exists("SERVER_NAME")) {
       uri.append(env.get("SERVER_NAME", "<SERVER_NAME>"));
     } else {
diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
index 232e43b8c2924..11f85751b47a9 100644
--- a/src/rgw/rgw_rest_s3.cc
+++ b/src/rgw/rgw_rest_s3.cc
@@ -5914,7 +5914,7 @@ int RGWHandler_REST_S3Website::retarget(RGWOp* op, RGWOp** new_op, optional_yiel
   if (should_redirect) {
     const string& hostname = s->info.env->get("HTTP_HOST", "");
     const string& protocol =
-      (s->info.env->get("SERVER_PORT_SECURE") ? "https" : "http");
+      (rgw_transport_is_secure(s->cct, *s->info.env) ? "https" : "http");
     int redirect_code = 0;
     rrule.apply_rule(protocol, hostname, key_name, &s->redirect,
 		    &redirect_code);
@@ -6045,7 +6045,7 @@ int RGWHandler_REST_S3Website::error_handler(int err_no,
   if (should_redirect) {
     const string& hostname = s->info.env->get("HTTP_HOST", "");
     const string& protocol =
-      (s->info.env->get("SERVER_PORT_SECURE") ? "https" : "http");
+      (rgw_transport_is_secure(s->cct, *s->info.env) ? "https" : "http");
     int redirect_code = 0;
     rrule.apply_rule(protocol, hostname, original_object_name,
                      &s->redirect, &redirect_code);
-- 
2.39.5