PHP :: Request #55403 :: $_SERVER['HTTPS'] should be undefined on unsecure connection

Request #55403	$_SERVER['HTTPS'] should be undefined on unsecure connection
Submitted:	2011-08-11 17:19 UTC	Modified:	2011-08-18 19:13 UTC
From:	thetaphi@php.net	Assigned:	thetaphi (profile)
Status:	Closed	Package:	iPlanet related
PHP Version:	Irrelevant	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

[2011-08-11 17:19 UTC] thetaphi@php.net

Description:
------------
All other SAPIs (Apache, too, of course) only set the $_SERVER['HTTPS'] variable 
to "ON", if a secure connection is availab.e The key is undefined otherwise. NSAPI 
on the other hand defines $_SERVER['HTTPS']='OFF' in this case. This breaks apps 
that just do an isset() test (Drupal,...).

Patches

PatchForTrunk.patch (last revision 2011-08-11 17:21 UTC by thetaphi@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-08-11 17:21 UTC] thetaphi@php.net

The following patch has been added/updated:

Patch Name: PatchForTrunk.patch
Revision:   1313083309
URL:        https://bugs.php.net/patch-display.php?bug=55403&patch=PatchForTrunk.patch&revision=1313083309

[2011-08-11 17:24 UTC] thetaphi@php.net

I will commit this patch to trunk and 5.4, also after 5.3.7 is released, I will 
merge there, too.

[2011-08-11 17:36 UTC] thetaphi@php.net

-Assigned To: +Assigned To: thetaphi

[2011-08-11 20:25 UTC] thetaphi@php.net

Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=314799
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

[2011-08-11 20:26 UTC] thetaphi@php.net

I will keep this open until committing to 5.3 is possible again.

[2011-08-18 19:12 UTC] thetaphi@php.net

Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=315149
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

[2011-08-18 19:13 UTC] thetaphi@php.net

-Status: Assigned +Status: Closed

[2011-08-18 19:13 UTC] thetaphi@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Committed to 5.3.8 branch, 5.4, trunk

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Thu Nov 21 09:01:32 2024 UTC