Home > Chamilo, Documentation, English, Techie > Answering to different addresses with Chamilo

Answering to different addresses with Chamilo

One possible annoying element of Chamilo is it can only answer to one address at a time. This simply comes from a very old codebase and the fact that, at some point in the past, it wasn’t that easy to get the address from the URL or the HTTP headers in a reliable way.

Nowadays, though, it’s completely reliable to say that your host is (in PHP) $_SERVER[‘HTTP_HOST’], so you could hack the configuration file of Chamilo (main/inc/conf/configuration.php) like this:

  $_configuration['root_web'] = 'http://my.chamilo19.net/';
  if (!empty($_SERVER['HTTP_HOST'])) {
    $_configuration['root_web'] = 'http://'.$_SERVER['HTTP_HOST'].'/';

This might have a security impact, we are still assessing this. However, it is likely that this does not really impact security, as other similar systems (like Drupal, Joomla, etc) also let the HTTP_HOST determine the web root path. One alteration to this would be to manually allow for the definition of a “list” of authorized hosts.
If we cannot find any clear reason to prevent the use of this technique in Chamilo, it is likely versions starting from 1.10 will rely on this to avoid the strict dependency on the host defined in $_configuration[‘root_web’].
There will likely be a requirement on $_SERVER[‘SERVER_PROTOCOL’] as well to identify cases where we use HTTPS (SSL certificates).

Kudos to GMP Perú for passing this requirement on to us so we could work on it and find a good solution.

2014-02 edit:
Another customer has reported that, when using what they call a “safe browser” (proprietary piece of software, as far as we could tell), they ran into issues when moving to the next question in an exam.

Apparently, the so called “safe browser” tries to force HTTPS on top of a non-HTTPS communication, or to proxy the URLs in some way. This falls into the same kind of issues as above, as the server does not accept different URLs.

To fix this, we had to include HTTPS processing to the above code:
  $_configuration['root_web'] = 'http://my.chamilo19.net/';
  if (!empty($_SERVER['HTTP_HOST'])) {
    if (!empty($_SERVER['HTTPS'])) {
      $_configuration['root_web'] = 'https://'.$_SERVER['HTTP_HOST'].'/';
    } else {
      $_configuration['root_web'] = 'http://'.$_SERVER['HTTP_HOST'].'/';

2014-04 edit:

It seems that more and more weird requirements are appearing around this. Another customer wants to support both a local IP address with a sub-folder in which Chamilo lies (for example *and* a normal public domain like http://my.chamilo19.net/.

This is a slight issue in Chamilo, as we clearly differenciate between installations in a subfolder and installations in a “root” folder (o better said, “root domain path”).

Nevertheless, the following has been lightly tested and seems to be working just fine, as the only difference between sub-folder mode and root folder mode is the url_append element of the $_configuration array.

  // "/chamilo" is the subfolder, "" is the local IP,
  // "my.chamilo19.net" is the "root domain"
  $_configuration['url_append'] = '/chamilo';
  $_configuration['root_web'] = '';
  if (!empty($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST'] != '') {
    if (!empty($_SERVER['HTTPS'])) {
      $_configuration['root_web'] = 'https://my.chamilo19.net/';
    } else {
      $_configuration['root_web'] = 'http://my.chamilo19.net/';
    $_configuration['url_append'] = '';

This type of configuration will NOT work, however, with a single SSL certificate, and will definitely not work with the IP address (you need to define a real host name to get a certificate for).

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: