I took a look at the code there, and it seems to be fixed already (with
strcasecmp)

Thanks for the tip though, but I guess its not a problem anymore

Phil

On 6/8/15, 12:25 PM, "Waldbieser, Carl" <[email protected]> wrote:

>Phil,
>
>You could issue a pull request on GitHub:
>
>  https://github.com/Jasig/phpCAS
>
>Thanks,
>Carl Waldbieser
>ITS Systems Programmer
>Lafayette College
>
>----- Original Message -----
>From: "Phil Romov" <[email protected]>
>To: [email protected]
>Sent: Monday, June 8, 2015 10:56:41 AM
>Subject: [cas-user] Bugfix for phpCAS _isHttps()
>
>I found what seems to be a bug in the _isHttps() function
>Amongs other things, it looks for $_SERVER[ŒHTTPS¹] != Œoff¹, but on my
>php server (zend server living on iseries) $_SERVER[ŒHTTPS¹] is set to
>ŒOFF¹ instead.  So the function returns true, even though https is set to
>OFF (then phpcas generates service=https:// for cas to redirect to, and
>the redirect doesn¹t work)
>
>To fix it, I use strtolower:
>
>
>    private function _isHttps()
>
>    {
>
>        var_dump($_SERVER);
>
>        if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
>
>            return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https');
>
>        }
>
>        if ( isset($_SERVER['HTTPS'])
>
>            && !empty($_SERVER['HTTPS'])
>
>            && strtolower($_SERVER['HTTPS']) != 'off'
>
>        ) {
>
>            return true;
>
>        } else {
>
>            return false;
>
>        }
>
>    }
>
>
>Please let me know where to post this, if cas-user isn¹t the right place
>
>Thanks
>Phil
>
>-- 
>You are currently subscribed to [email protected] as:
>[email protected]
>To unsubscribe, change settings or access archives, see
>http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>
>-- 
>You are currently subscribed to [email protected] as:
>[email protected]
>To unsubscribe, change settings or access archives, see
>http://www.ja-sig.org/wiki/display/JSG/cas-user
>


-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to