I took a look at the code there, and it seems to be fixed already (with strcasecmp)
Thanks for the tip though, but I guess its not a problem anymore Phil On 6/8/15, 12:25 PM, "Waldbieser, Carl" <[email protected]> wrote: >Phil, > >You could issue a pull request on GitHub: > > https://github.com/Jasig/phpCAS > >Thanks, >Carl Waldbieser >ITS Systems Programmer >Lafayette College > >----- Original Message ----- >From: "Phil Romov" <[email protected]> >To: [email protected] >Sent: Monday, June 8, 2015 10:56:41 AM >Subject: [cas-user] Bugfix for phpCAS _isHttps() > >I found what seems to be a bug in the _isHttps() function >Amongs other things, it looks for $_SERVER[ŒHTTPS¹] != Œoff¹, but on my >php server (zend server living on iseries) $_SERVER[ŒHTTPS¹] is set to >ŒOFF¹ instead. So the function returns true, even though https is set to >OFF (then phpcas generates service=https:// for cas to redirect to, and >the redirect doesn¹t work) > >To fix it, I use strtolower: > > > private function _isHttps() > > { > > var_dump($_SERVER); > > if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) { > > return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'); > > } > > if ( isset($_SERVER['HTTPS']) > > && !empty($_SERVER['HTTPS']) > > && strtolower($_SERVER['HTTPS']) != 'off' > > ) { > > return true; > > } else { > > return false; > > } > > } > > >Please let me know where to post this, if cas-user isn¹t the right place > >Thanks >Phil > >-- >You are currently subscribed to [email protected] as: >[email protected] >To unsubscribe, change settings or access archives, see >http://www.ja-sig.org/wiki/display/JSG/cas-user > > >-- >You are currently subscribed to [email protected] as: >[email protected] >To unsubscribe, change settings or access archives, see >http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
