Bug #16395
closed
There is a error in detecting the ssl page
0%
Description
if you set $TYPO3_CONF_VARS['BE']['lockSSL'] = '2'; at a server hostet by 1&1 or Schlund und Partner (the biggest provider in Germany) you run into the problem, that you can NEVER log in to the backend.
The problem is, that typo3 will not detect the ssl connection. so typo3 thinks, it is not in ssl-mode and so typo3 tries to redirect to the ssl mode. this goes endless. Means the page is reloaded, reloaded, reloaded and so on. The systems hangs in this endles loop.
This is, because the server from 1&1 and Schlund und Partner sets the variable
$_SERVER['HTTPS'] to "1" and NOT to "on" like the typo3 script expected.
So the solution for me is to change the line 3099 of t3lib_div.php from
$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'on') ? TRUE : FALSE;
to
$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'1') ? TRUE : FALSE;
this means, i have to change "on" to "1".
After this changing, the system works fine for 1&1 and for Schlund und Partner.
(issue imported from #M3909)
Files
Updated by Benni Mack over 18 years ago
to keep it consistent with Typo3 (and so people can put it in CVS) the code should be:
$retVal = $_SERVER['SSL_SESSION_ID'] || !strcmp($_SERVER['HTTPS'],'1') || !strcmp($_SERVER['HTTPS'],'on') ? TRUE : FALSE;
devs - would be awesome if you could correct this.
Updated by