report 571 not complete
==========================================================================
-- http/ https detection failes when exporting JkEnvVar xxx yyy
using the parameter JkEnvVar xxx yyy
to submit environment variables from Apache to Tomcat causes
tomcat to set scheme always to https and secure
How To Reproduce (optional):
use
JkEnvVar xxx yyy
in httpd.conf and look at SnoopServlet output
should report:
Scheme: http
Request Is Secure: false
Known Work Around
org.apache.tomcat.service.connector;
public class Ajp13ConnectorRequest
comment out line:
case SC_A_REQ_ATTRIBUTE :
===>>>> //isSSL = true;
attributes.put(msg.getString(), msg.getString());
break;
======================================================================================
The workaround and reproduce field was not taken by
bugrat
HWR
