ID: 37323
Updated by: [EMAIL PROTECTED]
Reported By: jameslporter at gmail dot com
Status: Bogus
Bug Type: Apache2 related
Operating System: Gentoo
PHP Version: 5.1.4
New Comment:
1.) I doubt they will change anything.
2.) That's just how it is. If you have a certificate for xxx.com you
must ensure that users are only accessing xxx.com.
Previous Comments:
------------------------------------------------------------------------
[2006-05-05 17:21:52] jameslporter at gmail dot com
<?php
$envs = apache_getenv('Server_Name');
print_r($envs);
?>
This will output www.website.com or website.com as well....I assume
that this is truly what Apache reports then....Guess it goes up to them
now?
------------------------------------------------------------------------
[2006-05-05 17:05:10] jameslporter at gmail dot com
Yes, thats why we need our login link to have the SERVER_NAME so that
the link would be echo '<a
href="https://'.$_SERVER[SERVER_NAME].'/index.php';
Then the browser would be on the correct hostname to compare, rather
then showing a warning because www.website.com doesn't match
website.com
'SERVER_NAME'
The name of the server host under which the current script is
executing. If the script is running on a virtual host, this will be the
value defined for that virtual host.
Hmm, bug or no bug? If this is "bogus" then the documentation needs
clarifying.
------------------------------------------------------------------------
[2006-05-05 17:00:19] [EMAIL PROTECTED]
This doesn't have anything to do with the coice of scripting language.
You know that the browser compares the current host name and the one
from the cert?
------------------------------------------------------------------------
[2006-05-05 16:55:14] jameslporter at gmail dot com
Yes, the serveralias is to allow users who type www.website.com to view
the site, for our script though it needs to use the ServerName
Directive...I shudder to think of the result of someone who uses
another server alias of www.websiteother.com and websiteother.com and
www.website.com and website.com .....You would have to buy 4 ssl
certs...I think I'll convert our site to .NET before I would do that.
------------------------------------------------------------------------
[2006-05-05 16:52:45] [EMAIL PROTECTED]
Well, I somehow doubt there's something to resolve.
I guess you've a ServerAlias directive active.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/37323
--
Edit this bug report at http://bugs.php.net/?id=37323&edit=1
