CMS MADE SIMPLE FORGE

CMS Made Simple Core

Back to List

[#6994] Wrong HTTP/HTTPS detection (function.metadata.php)

Created By: Mihail Fedorov (Kolo)

Date Submitted: Sat Oct 22 16:51:42 -0400 2011

Assigned To: Robert Campbell (calguy1000)

Version: 1.10

CMSMS Version: 1.10

Severity: Minor

Resolution: Fixed

State: Closed

Summary:

Wrong HTTP/HTTPS detection (function.metadata.php)

Detailed Description:

Last one bug on SSL detection on plugins ;)

function.metadata.php, line 45:

Now:
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')

Should be:
if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off')

Because some servers have "1" instead of "on" - both not equal "off" ;)
As seen on function.styleseet.php, for example. 

Better idea - to write separate function, which will also detect on all incl.
very rare cases. Such as $_SERVER['SERVER_PORT'] equals 443 - on some rare
setups there is no $_SERVER['HTTPS'] variable at all.

History

Date: 2011-10-23 21:56
Posted By: Robert Campbell (calguy1000)

Fixed in svn.

Date: 2011-11-05 16:27
Posted By: Mihail Fedorov (Kolo)

Strange fix in 1.10.1. Now it's really broken for everybody else, who had "on"
;)

Same line now, in 1.10.1 bugfix release:.
if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'on')
{
	    $base = $config['ssl_url'];

Updated: 2012-04-14 23:06
resolution_id: 5 => 7
state: Open => Closed

Updated: 2012-04-14 15:34
assigned_to_id: 100 => 106

Updated: 2011-11-05 16:27
resolution_id: 7 => 5
severity_id: 4 => 3

Updated: 2011-10-23 21:56
resolution_id: => 7

CMSMS | CMS Made Simple

CMS MADE SIMPLE FORGE

CMS Made Simple Core

[#6994] Wrong HTTP/HTTPS detection (function.metadata.php)

History