Package home | Report new bug | New search | Development Roadmap Status: Open | Feedback | All | Closed Since Version 1.0.10

Bug #16328 Case where $_SERVER["HTTPS"] is returned as uppercase not handled
Submitted: 2009-06-15 17:16 UTC
From: spacecharly Assigned: avb
Status: Closed Package: HTML_QuickForm_Controller (version 1.0.9)
PHP Version: 5.2.0 OS: SunOS hefrms03 5.10 Generic_1200
Roadmaps: (Not assigned)    

 [2009-06-15 17:16 UTC] spacecharly (Charly Pache)
Description: ------------ I ran into a server configuration where $_SERVER["HTTPS"] was returned in uppercase ('OFF'). This case is not handled in the script ./Action/Jump.php (where 'off' in lowercase is tested). This lead to a redirection with 'https' instead of 'http', which is a problem if there is no 'https' set up for this website. Actual result: -------------- The fix is to change following line of code in Jump.php (method _resolveRelativeURL($url)): $https = !empty($_SERVER['HTTPS']) && ('off' != $_SERVER['HTTPS']); this way: $https = !empty($_SERVER['HTTPS']) && ('off' != strtolower($_SERVER['HTTPS']));


 [2009-06-16 17:18 UTC] doconnor (Daniel O'Connor)
-Status: Open +Status: Verified
It should always be "HTTPS" - see
 [2009-09-02 15:25 UTC] avb (Alexey Borzov)
-Status: Verified +Status: Closed -Assigned To: +Assigned To: avb
This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on by the end of next Sunday (CET). If this was a problem with the website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. ------- Daniel, the bug dealt not with 'HTTPS' being uppercase or lowercase, but with the value of that field being 'OFF' rather than the expected 'off' mentioned in the manual you link to.