https://bz.apache.org/bugzilla/show_bug.cgi?id=61519
Reindl Harald <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW --- Comment #10 from Reindl Harald <[email protected]> --- httpd has a completly split brain here Apache Environment from phpinfo(): HTTPS on SSL_TLS_SNI local.rhsoft.net HTTP_HOST local.rhsoft.net SERVER_NAME local.rhsoft.net SERVER_PORT 80 REQUEST_SCHEME http focus on the "HTTPS" which is corrent versus wrong "SERVER_PORT" and "REQUEST_SCHEME" - thi smakes it possible to put some hacks in php-libraries and overwrite it so that most scripts behave correctly but you can't hack the wrong redirect to http:// when one tries to access a folder without the trailing slash because that redirect is done by httpd itself and fianlyl you have a *real probem* in your client becasue proper sent cookies with secure-Flags are gone, logins don#t work, you don't realize that you unintenionally switched to unecnrypted and that leads to support calls for every single vhost which get mirgated to dual-stack and letsencrypt you *clearly* know the fact it's https, so REQUEST_SCHEME is easily to fix and you know the incoming port from the network layer - frankly there is no sane reason to get that wrong and set it to 80 when the lcient is connected to 443 -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
