php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Doc Bug #54591 http://doc.php.net redirect to https
Submitted: 2011-04-22 14:26 UTC Modified: 2011-04-22 14:43 UTC
From: tyra3l at gmail dot com Assigned: bjori (profile)
Status: Closed Package: Website problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: tyra3l at gmail dot com
New email:
PHP Version: OS:

 

 [2011-04-22 14:26 UTC] tyra3l at gmail dot com
Description:
------------
currently http://doc.php.net is redirected to https, I don't know why this is 
necessary, but this host is also used as a pear repository (and a default one), 
but the channel.xml on that host contains references to http://doc.php.net so 
currently there are many unnecessary roundtrips and redirects involved with that 
channels.
I think that if we need doc.php.net to be only available through https, then the 
channel.xml should also use the https links to save the network ping-pong.

On the sidenote: why do we force ssl on that page? depending on the answer, maybe 
it would be a good idea to force it on pear.php.net/pecl.php.net also (then update 
the pear stuff there also)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-04-22 14:40 UTC] bjori@php.net
Automatic comment from SVN on behalf of bjori
Revision: http://svn.php.net/viewvc/?view=revision&revision=310435
Log: doc.php.net should be on https, fixes bug#54591
 [2011-04-22 14:43 UTC] bjori@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: bjori
 [2011-04-22 14:43 UTC] bjori@php.net
Its forcing ssl because devs can login using their vcs credentials.

pecl and pear should also be running on https.

The channels themselves have no need to be on https though, don't think its worth 
the trouble to try to separate these though
 [2011-04-22 14:56 UTC] tyra3l at gmail dot com
"The channels themselves have no need to be on https though"
yeah, but currently, they are, because they are on the same vhost.

we could add the pear files and dirs as exceptions to the redirect rule, but 
that would be cumbersome.
I agree that there is no need to move the channels to https, and that breaks bc 
(some ppl. could have firewall rules, which would prevent pear/pecl from working 
through https), but if we want to force the https transition on the sites, we 
have to do something about this issue.
maybe check for useragent? 
AFAIK pear sets that to PEAR/PEAR_VERSION/PHP/PHP_VERSION
so we could use that to decide whether we should redirect or not.
a little bit hackish though. 

Tyrael
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Dec 03 21:01:29 2024 UTC