bug #10981 [HttpFoundation] Fixed isSecure() check to be compliant with the docs (Jannik Zschiesche)

This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #10981). Discussion ---------- [HttpFoundation] Fixed isSecure() check to be compliant with the docs | Q | A | ------------- | --- | Bug fix? | yes | New feature? |no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - According to the [php docs](http://www.php.net/manual/en/reserved.variables.server.php) the `HTTPS` field will be non-empty when the query was issued via HTTPS. It isn't restricted to only "on" and 1. Exception: "off" is sent by IIS BC breaks: no, because old behavior was not conform with the docs. Commits ------- 7bc37bd [HttpFoundation] Fixed isSecure() check to be compliant with the docs
2014-06-16 09:30:49 +02:00 · 2014-06-16 09:30:49 +02:00 · efaa6ea8e6
commit efaa6ea8e6
parent eca7915a1e 7bc37bd899
1 changed files with 3 additions and 1 deletions
--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@ -1100,7 +1100,9 @@ class Request
            return in_array(strtolower(current(explode(',', $proto))), array('https', 'on', 'ssl', '1'));
        }

-        return 'on' == strtolower($this->server->get('HTTPS')) || 1 == $this->server->get('HTTPS');
+        $https = $this->server->get('HTTPS');
+
+        return !empty($https) && 'off' !== strtolower($https);
    }

    /**