PHP :: Request #55403 :: $_SERVER['HTTPS'] should be undefined on unsecure connection

Request #55403	$_SERVER['HTTPS'] should be undefined on unsecure connection
Submitted:	2011-08-11 17:19 UTC	Modified:	2011-08-18 19:13 UTC
From:	thetaphi@php.net	Assigned:	thetaphi (profile)
Status:	Closed	Package:	iPlanet related
PHP Version:	Irrelevant	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	thetaphi@php.net
New email:
PHP Version:		OS:

New Comment:

[2011-08-11 17:19 UTC] thetaphi@php.net

Description:
------------
All other SAPIs (Apache, too, of course) only set the $_SERVER['HTTPS'] variable 
to "ON", if a secure connection is availab.e The key is undefined otherwise. NSAPI 
on the other hand defines $_SERVER['HTTPS']='OFF' in this case. This breaks apps 
that just do an isset() test (Drupal,...).

Patches

PatchForTrunk.patch (last revision 2011-08-11 17:21 UTC by thetaphi@php.net)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-08-11 17:21 UTC] thetaphi@php.net

The following patch has been added/updated:

Patch Name: PatchForTrunk.patch
Revision:   1313083309
URL:        https://bugs.php.net/patch-display.php?bug=55403&patch=PatchForTrunk.patch&revision=1313083309

[2011-08-11 17:24 UTC] thetaphi@php.net

I will commit this patch to trunk and 5.4, also after 5.3.7 is released, I will 
merge there, too.

[2011-08-11 17:36 UTC] thetaphi@php.net

-Assigned To: +Assigned To: thetaphi

[2011-08-11 20:25 UTC] thetaphi@php.net

Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=314799
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

[2011-08-11 20:26 UTC] thetaphi@php.net

I will keep this open until committing to 5.3 is possible again.

[2011-08-18 19:12 UTC] thetaphi@php.net

Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=315149
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

[2011-08-18 19:13 UTC] thetaphi@php.net

-Status: Assigned +Status: Closed

[2011-08-18 19:13 UTC] thetaphi@php.net

This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Committed to 5.3.8 branch, 5.4, trunk

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Oct 27 16:01:27 2024 UTC