the $secureRequest var is the same as ImNotOnHTTP
The odd thing is that it will work most of the time, so the filter
logic is valid.
For the same exact situation it will work one time, it will fail another time.
2010/6/16 Tom Ptacnik <to...@tomor.cz>:
> I think that this code will redirect to http even if I'm on http
> right. And same with https. I'm on https and this filter redirect me
> to https again..
>
> So I advice to insert conditions...I'll show it on pseudocode
>
> if (ImNotOnHTTP && $sslEnabled && !$secureRequest) {
> redirect to http
> }
> elseif($secureRequest && ImNotOnHTTPS) {
> redirect to https
> }
>
> On 14 čvn, 17:56, Bruno Reis <bruno.p.r...@gmail.com> wrote:
>> Hi,
>>
>> I´m using a filter with the following code to change from http to https and
>> back from https to http. Sometimes when leaving from a https page, the
>> browser gives a "too many redirects" error. I cannot reproduce the error
>> easily. It´s not all the time that it happens. Normaly it still happening
>> very often after the first time it happens.
>>
>> We have debuged the error requests here and the sfResponse status code still
>> 200 until the very last filter (rendering), but the headers sent to the
>> browser have a 302 code and I have no idea why neither where.
>>
>> Do you have any idea of what can be happening?
>>
>> $module = $this->getContext()->getModuleName();
>> $secureRequest = $this->getContext()->getRequest()->isSecure();
>> $moduleHasToBeSecure = in_array($module,array('join','payment'));
>> //$sslEnabled = sfConfig::get('app_enable_join_ssl', true);
>> $sslEnabled = true;
>> $uri = $this->getContext()->getRequest()->getUri();
>> if (!$this->isAjax()) {
>> if ($moduleHasToBeSecure) {
>> if ($sslEnabled && !$secureRequest) {
>>
>> $this->getContext()->getController()->redirect(preg_replace("/^http:\/\//",
>> "https://";, $uri));
>> }
>> }
>> else {
>> if($secureRequest) {
>>
>> $this->getContext()->getController()->redirect(preg_replace("/^https:\/\//",
>> "http://";, $uri));
>> }
>> }
>> }
>
> --
> If you want to report a vulnerability issue on symfony, please send it to
> security at symfony-project.com
>
> You received this message because you are subscribed to the Google
> Groups "symfony users" group.
> To post to this group, send email to symfony-users@googlegroups.com
> To unsubscribe from this group, send email to
> symfony-users+unsubscr...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/symfony-users?hl=en
>
--
If you want to report a vulnerability issue on symfony, please send it to
security at symfony-project.com
You received this message because you are subscribed to the Google
Groups "symfony users" group.
To post to this group, send email to symfony-users@googlegroups.com
To unsubscribe from this group, send email to
symfony-users+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
