Edit report at https://bugs.php.net/bug.php?id=55403&edit=1
ID: 55403 Updated by: [email protected] Reported by: [email protected] Summary: $_SERVER['HTTPS'] should be undefined on unsecure connection Status: Assigned Type: Feature/Change Request Package: iPlanet related PHP Version: Irrelevant Assigned To: thetaphi Block user comment: N Private report: N New Comment: I will keep this open until committing to 5.3 is possible again. Previous Comments: ------------------------------------------------------------------------ [2011-08-11 20:25:20] [email protected] Automatic comment from SVN on behalf of thetaphi Revision: http://svn.php.net/viewvc/?view=revision&revision=314799 Log: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection ------------------------------------------------------------------------ [2011-08-11 17:24:45] [email protected] I will commit this patch to trunk and 5.4, also after 5.3.7 is released, I will merge there, too. ------------------------------------------------------------------------ [2011-08-11 17:21:49] [email protected] The following patch has been added/updated: Patch Name: PatchForTrunk.patch Revision: 1313083309 URL: https://bugs.php.net/patch-display.php?bug=55403&patch=PatchForTrunk.patch&revision=1313083309 ------------------------------------------------------------------------ [2011-08-11 17:19:25] [email protected] Description: ------------ All other SAPIs (Apache, too, of course) only set the $_SERVER['HTTPS'] variable to "ON", if a secure connection is availab.e The key is undefined otherwise. NSAPI on the other hand defines $_SERVER['HTTPS']='OFF' in this case. This breaks apps that just do an isset() test (Drupal,...). ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=55403&edit=1
