t3lib_div::getIndpEnv() erroneously detects SSL -> BE crashes
Kasper has changed the code for SSL detection in CVS as of April 1st.
The log message was: "Fixed SSL problem and many other minor things".
Unfortunately, this change has introduced a new bug for installations running on Microsoft IIS:
Although there is no SSL connection, the Backend sometimes redirects to https when logging in or out which results in a 404 error.
Affected versions are:
Microsoft-IIS: 5.1 and 6.0
PHP: 4.3.3, 4.3.6
php_sapi_name: isapi and cgi-fcgi
In both cases the Typo3 Debug information erroneously shows
So the bug must be in t3lib_div::getIndpEnv()
Mailing list post about the problem:
(issue imported from #M62)
Updated by Ingmar Schlecht almost 17 years ago
OK, I have found out the reason for the behaviour.
Typo3 does not check if the variable $_SERVER["HTTPS"] ist set to 'on', it just checks if it's set at all.
So even when it's set to
$_SERVER["HTTPS"] = 'off';
Typo3 thinks it is using an SSL connection.
In the function getIndpEnv() replace this:
return ($HTTP_SERVER_VARS['SSL_SESSION_ID'] || $HTTP_SERVER_VARS['HTTPS']) ? TRUE : FALSE;
return $HTTP_SERVER_VARS['SSL_SESSION_ID'] || !strcmp($HTTP_SERVER_VARS['HTTPS'],'on') ? TRUE : FALSE;
edited on: 05.05.04 19:10
Updated by Kasper Skaarhoj almost 17 years ago
The history is that I fixed this based on response from users mailing about the same problem. I could not test it myself because I do not have SSL servers. I wrote to all people reporting the bug to test it an report back (some 5-10 people). Two responded back that it was OK.
Over 1 month people have had the chance to find this before release. However no one did. So...
Thanks to ingmar for solving it!