ZF-4318: Action_Helper_Redirector: Non-SSL handling

Issue Type: Bug Created: 2008-09-17T06:55:25.000+0000 Last Updated: 2008-11-13T14:10:14.000+0000 Status: Resolved Fix version(s): - 1.7.0 (17/Nov/08)

Reporter: Wolfgang Gruber (arcolf) Assignee: Benjamin Eberlei (beberlei) Tags: - Zend_Controller

Related issues: Attachments:


Although the variable $_SERVER['HTTPS'] should be empty when it isn't a HTTPS request, a few webserver set the value to 'off'. The PHP reference manual ([…]) mentions IIS and I encountered the problem with Abyss webserver. If the value is set to 'off', Action_Helper_Redirector redirects the request to https which is wrong. Therefore the Action_Helper_Redirector should be changed in function *_redirect($url)* from

<pre class="highlight">
$proto = (empty($_SERVER['HTTPS'])) ? 'http' : 'https';


<pre class="highlight">
$proto = ((empty($_SERVER['HTTPS'])) || (strcasecmp($_SERVER['HTTPS'],'off') == 0)) ? 'http' : 'https';


Posted by Benjamin Eberlei (beberlei) on 2008-11-07T23:55:24.000+0000

Fixed in r12413

Posted by Wil Sinclair (wil) on 2008-11-13T14:10:14.000+0000

Changing issues in preparation for the 1.7.0 release.

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.