Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

author: Uwe Schindler <thetaphi@php.net> 2011-08-11 20:25:24 +0000
committer: Uwe Schindler <thetaphi@php.net> 2011-08-11 20:25:24 +0000
commit: acec8201a1efdac28d12f6495003f45e48ca0106 (patch)
tree: 2bc3c208f8bd670bffa094a193e1f0f301acb670
parent: 9e9d2a9ce6916cad917b17ef3b8b5fff26861530 (diff)
download: php-git-acec8201a1efdac28d12f6495003f45e48ca0106.tar.gz
2 files changed, 6 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 5ad8640cea..99fa152efc 100644
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,9 @@ PHP                                                                        NEWS
   . Added Shift_JIS Emoji (pictograms) support. (rui)
   . Ill-formed UTF-8 check for security enhancements. (rui)
 
+- Improved NSAPI SAPI: (Uwe Schindler)
+  . Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403).
+
 04 Aug 2011, PHP 5.4.0 Alpha 3
 - Added features:
  . Short array syntax, see UPGRADING guide for full details (rsky0711 at gmail 
diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c
index fa73301f62..a2081eb0c8 100644
--- a/sapi/nsapi/nsapi.c
+++ b/sapi/nsapi/nsapi.c
@@ -723,7 +723,9 @@ static void sapi_nsapi_register_server_variables(zval *track_vars_array TSRMLS_D
 	nsapi_free(value);
 
 	php_register_variable("SERVER_SOFTWARE", system_version(), track_vars_array TSRMLS_CC);
-	php_register_variable("HTTPS", (security_active ? "ON" : "OFF"), track_vars_array TSRMLS_CC);
+	if (security_active) {
+		php_register_variable("HTTPS", "ON", track_vars_array TSRMLS_CC);
+	}
 	php_register_variable("GATEWAY_INTERFACE", "CGI/1.1", track_vars_array TSRMLS_CC);
 
 	/* DOCUMENT_ROOT */
author	Uwe Schindler <thetaphi@php.net>	2011-08-11 20:25:24 +0000
committer	Uwe Schindler <thetaphi@php.net>	2011-08-11 20:25:24 +0000
commit	acec8201a1efdac28d12f6495003f45e48ca0106 (patch)
tree	2bc3c208f8bd670bffa094a193e1f0f301acb670
parent	9e9d2a9ce6916cad917b17ef3b8b5fff26861530 (diff)
download	php-git-acec8201a1efdac28d12f6495003f45e48ca0106.tar.gz