(tomcat) branch 9.0.x updated: %{SSL:HTTPS} should return either on or off

Thu, 28 May 2026 09:27:32 -0700 

This is an automated email from the ASF dual-hosted git repository.

markt-asf pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new b6733c0258 %{SSL:HTTPS} should return either on or off
b6733c0258 is described below

commit b6733c0258be17cfd2cbde1a5c239ba5c38b62d7
Author: Mark Thomas <[email protected]>
AuthorDate: Thu May 28 17:26:37 2026 +0100

    %{SSL:HTTPS} should return either on or off
---
 java/org/apache/catalina/valves/rewrite/ResolverImpl.java | 4 +++-
 webapps/docs/changelog.xml                                | 5 +++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java 
b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
index 358570f96e..1ca1de4a02 100644
--- a/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
+++ b/java/org/apache/catalina/valves/rewrite/ResolverImpl.java
@@ -194,7 +194,7 @@ public class ResolverImpl extends Resolver {
                 // SSL_SRP_USER: no planned support for SRP
                 // SSL_SRP_USERINFO: no planned support for SRP
                 if (key.equals("HTTPS")) {
-                    return String.valueOf(sslSupport != null);
+                    return "on";
                 } else if (key.equals("SSL_PROTOCOL")) {
                     return sslSupport.getProtocol();
                 } else if (key.equals("SSL_SESSION_ID")) {
@@ -272,6 +272,8 @@ public class ResolverImpl extends Resolver {
                     containerLog.debug(sm.getString("resolverImpl.tlsError"), 
ioe);
                 }
             }
+        } else if (key.equals("HTTPS")) {
+            return "off";
         }
         return null;
     }
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f366d503dc..5d14988bac 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -210,6 +210,11 @@
       <fix>
         Fix connection leak in <code>ProxyErrorReportValve</code>. (remm)
       </fix>
+      <fix>
+        When using the <code>RewriteValve</code>, <code>%{SSL:HTTPS}</code> now
+        returns <code>on</code> or <code>off</code> rather than
+        <code>true</code> or <code>false</code> to align with httpd. (markt)
+      </fix>
     </changelog>
   </subsection>
   <subsection name="Coyote">


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to