Edit report at https://bugs.php.net/bug.php?id=55403&edit=1
ID: 55403
Updated by: theta...@php.net
Reported by: theta...@php.net
Summary: $_SERVER['HTTPS'] should be undefined on unsecure
connection
Status: Assigned
Type: Feature/Change Request
Package: iPlanet related
PHP Version: Irrelevant
Assigned To: thetaphi
Block user comment: N
Private report: N
New Comment:
I will keep this open until committing to 5.3 is possible again.
Previous Comments:
------------------------------------------------------------------------
[2011-08-11 20:25:20] theta...@php.net
Automatic comment from SVN on behalf of thetaphi
Revision: http://svn.php.net/viewvc/?view=revision&revision=314799
Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection
------------------------------------------------------------------------
[2011-08-11 17:24:45] theta...@php.net
I will commit this patch to trunk and 5.4, also after 5.3.7 is released, I will
merge there, too.
------------------------------------------------------------------------
[2011-08-11 17:21:49] theta...@php.net
The following patch has been added/updated:
Patch Name: PatchForTrunk.patch
Revision: 1313083309
URL:
https://bugs.php.net/patch-display.php?bug=55403&patch=PatchForTrunk.patch&revision=1313083309
------------------------------------------------------------------------
[2011-08-11 17:19:25] theta...@php.net
Description:
------------
All other SAPIs (Apache, too, of course) only set the $_SERVER['HTTPS']
variable
to "ON", if a secure connection is availab.e The key is undefined otherwise.
NSAPI
on the other hand defines $_SERVER['HTTPS']='OFF' in this case. This breaks
apps
that just do an isset() test (Drupal,...).
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=55403&edit=1
