Fix HTTPS detection and file permissions for ZIP upload

- Check X-Forwarded-Proto header for HTTPS (reverse proxy) - chmod extracted files to be world-readable for Playwright Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-13 07:43:28 -08:00 · 2026-02-13 07:43:28 -08:00 · 336aef8685
commit 336aef8685
parent ddaac523bf
1 changed files with 9 additions and 1 deletions
--- a/api/setup/uploadSavedPage.cfm
+++ b/api/setup/uploadSavedPage.cfm
@ -68,6 +68,12 @@
    <!--- Extract the ZIP file --->
    <cfzip action="unzip" file="#uploadedFile#" destination="#extractDir#" overwrite="true">

+    <!--- Make extracted files world-readable for nginx/Playwright --->
+    <cftry>
+        <cfexecute name="chmod" arguments="-R o+rX #extractDir#" timeout="10" />
+    <cfcatch></cfcatch>
+    </cftry>
+
    <!--- Delete the uploaded ZIP --->
    <cffile action="delete" file="#uploadedFile#">

@ -146,7 +152,9 @@

    <!--- Determine the server hostname for the URL --->
    <cfset serverHost = cgi.HTTP_HOST>
-    <cfset protocol = cgi.HTTPS EQ "on" ? "https" : "http">
+    <!--- Check X-Forwarded-Proto for reverse proxy, fall back to cgi.HTTPS --->
+    <cfset forwardedProto = structKeyExists(getHttpRequestData().headers, "X-Forwarded-Proto") ? getHttpRequestData().headers["X-Forwarded-Proto"] : "">
+    <cfset protocol = (forwardedProto EQ "https" OR cgi.HTTPS EQ "on") ? "https" : "http">

    <cfset response["OK"] = true>
    <cfset response["MESSAGE"] = "ZIP extracted successfully">