ZF-11783: Zend_Amf_Response_Http emits notice when $_SERVER['HTTPS'] not defined

Issue Type: Bug Created: 2011-09-30T16:41:21.000+0000 Last Updated: 2011-11-09T17:22:17.000+0000 Status: Resolved Fix version(s): - 1.11.12 (22/Jun/12)

Reporter: David Reade (randomreado) Assignee: Adam Lundrigan (adamlundrigan) Tags: - Zend_Amf

  • zf-caretaker-adamlundrigan

Related issues: - ZF-5012



Just upgraded from Zend AMF 1.11.10 to 1.11.11 and tried running my Flex application. It failed and the following error was generated:

Undefined index: HTTPS

0 include() called at [/RCMS/Kernel/Bootstrap.php:16]

1 errorHandler(8, Undefined index: HTTPS, /Zend/Amf/Response/Http.php, 59, Array()) called at [/Zend/Amf/Response/Http.php:59]

2 Zend_Amf_Response_Http->isIeOverSsl() called at [/Zend/Amf/Response/Http.php:44]

3 Zend_Amf_Response_Http->getResponse() called at [/Zend/Amf/Response.php:147]

4 Zend_Amf_Response->__toString() called at [/DesktopAMF.php:58]


Line 59 of Http.php reads:

$ssl = $_SERVER['HTTPS'];

Changing it to the following code resolves the issue:

$ssl = isset($_SERVER['HTTPS']);


Posted by Adam Lundrigan (adamlundrigan) on 2011-10-24T01:11:16.000+0000

Fixed in trunk r24523 r24524. Merged to release-1.11 in r24525.

Posted by Jani Mikkonen (janisto) on 2011-11-09T10:43:44.000+0000

I think it would be better to check it like this:

<pre class="highlight">
$ssl = false;
if ( isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1)
    $ssl = true;

Posted by Adam Lundrigan (adamlundrigan) on 2011-11-09T17:22:17.000+0000

There has been discussion about HTTP_X_FORWARDED_PROTO in the past (see ZF-5012) and it was agreed then that we shouldn't rely on it.

Have you found an issue?

See the Overview section for more details.


© 2006-2019 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.