From aa77d0045436d825a0fe8ecfa401352f9aabc8ac Mon Sep 17 00:00:00 2001
From: Andranik Badalyan <andranikvbadalyan@gmail.com>
Date: Thu, 30 Aug 2018 12:48:25 -0700
Subject: [PATCH 1/2] Check for secure port in url() function

---
 src/Stylist/Html/ThemeHtmlBuilder.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/Stylist/Html/ThemeHtmlBuilder.php b/src/Stylist/Html/ThemeHtmlBuilder.php
index 0d8bb21..f80105a 100644
--- a/src/Stylist/Html/ThemeHtmlBuilder.php
+++ b/src/Stylist/Html/ThemeHtmlBuilder.php
@@ -83,14 +83,17 @@ public function image($url, $alt = null, $attributes = array(), $secure = null)
     }
 
     /**
-     * Returns the theme's public URI location. This is not a full URL. If you wish
-     * for a full URL, simply add the site's URL configuration to this path.
+     * Checks if HTTPS / HTTP and returns full URL.
      *
      * @param string $file
      * @return string
      */
     public function url($file = '')
     {
+        if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443 || $_SERVER['HTTP_X_FORWARDED_PORT'] == 443) {
+            return secure_url($this->assetUrl($file));
+        }
+
         return url($this->assetUrl($file));
     }
 

From f4222c2425ac36c4a71b7a27de3b44c8aad07637 Mon Sep 17 00:00:00 2001
From: Andranik Badalyan <andranikvbadalyan@gmail.com>
Date: Thu, 30 Aug 2018 13:09:52 -0700
Subject: [PATCH 2/2] Check is secure

---
 src/Stylist/Html/ThemeHtmlBuilder.php | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/Stylist/Html/ThemeHtmlBuilder.php b/src/Stylist/Html/ThemeHtmlBuilder.php
index f80105a..b0e022b 100644
--- a/src/Stylist/Html/ThemeHtmlBuilder.php
+++ b/src/Stylist/Html/ThemeHtmlBuilder.php
@@ -90,7 +90,7 @@ public function image($url, $alt = null, $attributes = array(), $secure = null)
      */
     public function url($file = '')
     {
-        if ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443 || $_SERVER['HTTP_X_FORWARDED_PORT'] == 443) {
+        if ($this->isSecure()) {
             return secure_url($this->assetUrl($file));
         }
 
@@ -133,4 +133,22 @@ protected function assetUrl($url)
 
         return $url;
     }
+
+    protected function isSecure(){
+
+        if (isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
+            return true;
+        }
+
+        if (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443) {
+            return true;
+        }
+
+        // AWS Load Balancer
+        if (isset($_SERVER['HTTP_X_FORWARDED_PORT']) && $_SERVER['HTTP_X_FORWARDED_PORT']??'' == 443) {
+            return true;
+        }
+
+        return false;
+    }
 }