php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #55403 $_SERVER['HTTPS'] should be undefined on unsecure connection
Submitted: 2011-08-11 17:19 UTC Modified: 2011-08-18 19:13 UTC
From: thetaphi@php.net Assigned: thetaphi (profile)
Status: Closed Package: iPlanet related
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
MUST BE VALID
Solve the problem:
47 - 26 = ?
Subscribe to this entry?

 
 [2011-08-11 17:19 UTC] thetaphi@php.net
Description:
------------
All other SAPIs (Apache, too, of course) only set the $_SERVER['HTTPS'] variable 
to "ON", if a secure connection is availab.e The key is undefined otherwise. NSAPI 
on the other hand defines $_SERVER['HTTPS']='OFF' in this case. This breaks apps 
that just do an isset() test (Drupal,...).


Patches

PatchForTrunk.patch (last revision 2011-08-11 17:21 UTC) by thetaphi@php.net)

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-08-11 17:21 UTC] thetaphi@php.net
The following patch has been added/updated:

Patch Name: PatchForTrunk.patch
Revision:   1313083309
URL:        https://bugs.php.net/patch-display.php?bug=55403&patch=PatchForTrunk.patch&revision=1313083309
 [2011-08-11 17:24 UTC] thetaphi@php.net
I will commit this patch to trunk and 5.4, also after 5.3.7 is released, I will 
merge there, too.
 [2011-08-11 17:36 UTC] thetaphi@php.net
-Assigned To: +Assigned To: thetaphi
 [2011-08-11 20:25 UTC] thetaphi@php.net
Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&revision=314799
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection
 [2011-08-11 20:26 UTC] thetaphi@php.net
I will keep this open until committing to 5.3 is possible again.
 [2011-08-18 19:12 UTC] thetaphi@php.net
Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&revision=315149
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection
 [2011-08-18 19:13 UTC] thetaphi@php.net
-Status: Assigned +Status: Closed
 [2011-08-18 19:13 UTC] thetaphi@php.net
This bug has been fixed in SVN.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Committed to 5.3.8 branch, 5.4, trunk
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Sun Nov 19 01:31:42 2017 UTC