I'm looking for advice on how to handle an unusual set up. I have a silverstripe site that is supposed to be accessible through both https and http. The site is load balanced and the load balancer handles the ssl decryption and passes all traffic to the apache server as standard http on port 80 for http and another port for https. Some header rewriting takes place to get everything working and most things do!
My problem is that the base tag always starts http which causes a security warning to pop up in IE about unsecured content when the site is viewed over https. Curiously Safari and Firefox don't seem to care - but that's not a problem. So I'm stuck as to how to fix this and I'm looking for suggestions.
One thing I tried was setting base_tag in SSViewer to Director::baseURL rather than Director::absoluteBaseUrl with a config option setting baseURL to "/". Sadly FF3.5 and IE8 + didn't like a relative link here and ignored the base tag, which is fair enough since he spec says the base href must be absolute (Safari didn't care though!).
I have access to header rewrite rules at the load balancer but I cannot rewrite the body... I'm looking at this line in the protocolAndHost method of Director.php:
$s = (isset($_SERVER['SSL']) || (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')) ? 's' : '';
and I'm wondering if I can add any headers that will make one of those conditions equate to true even when the traffic is not encrypted.