bug #10981 [HttpFoundation] Fixed isSecure() check to be compliant with the docs (Jannik Zschiesche)
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #10981).
Discussion
----------
[HttpFoundation] Fixed isSecure() check to be compliant with the docs
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? |no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
According to the [php docs](http://www.php.net/manual/en/reserved.variables.server.php) the `HTTPS` field will be non-empty when the query was issued via HTTPS.
It isn't restricted to only "on" and 1.
Exception: "off" is sent by IIS
BC breaks: no, because old behavior was not conform with the docs.
Commits
-------
7bc37bd
[HttpFoundation] Fixed isSecure() check to be compliant with the docs
This commit is contained in:
commit
efaa6ea8e6
@ -1100,7 +1100,9 @@ class Request
|
||||
return in_array(strtolower(current(explode(',', $proto))), array('https', 'on', 'ssl', '1'));
|
||||
}
|
||||
|
||||
return 'on' == strtolower($this->server->get('HTTPS')) || 1 == $this->server->get('HTTPS');
|
||||
$https = $this->server->get('HTTPS');
|
||||
|
||||
return !empty($https) && 'off' !== strtolower($https);
|
||||
}
|
||||
|
||||
/**
|
||||
|
Reference in New Issue
Block a user