Feature #35723

Improvement for SSL detection behind proxy server

Added by Michael Klapper about 10 years ago. Updated almost 9 years ago.

Status:
Closed
Priority:
Could have
Assignee:
-
Category:
-
Target version:
-
Start date:
2012-04-05
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

In some Proy environments is only the environment variable "HTTP_FRONT_END_HTTPS" set to "On" and the other variables like "SSL_SESSION_ID", "HTTPS" are missing.

So i suggest to support the variable "HTTP_FRONT_END_HTTPS" to detect SSL connections.


Related issues

Related to TYPO3 Core - Feature #39016: Hook to modify t3lib_div::getIndpEnv return valueClosed2012-07-17

Actions
Is duplicate of TYPO3 Core - Bug #29693: Respect HTTP_X_FORWARDED_PROTO in SSL checkRejectedMichael Stucki2011-09-12

Actions
Is duplicate of TYPO3 Core - Bug #32999: Cannot properly handle reverse-proxy as SSL end-pointRejected2012-01-05

Actions
#1

Updated by Gerrit Code Review about 10 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10166

#2

Updated by Gerrit Code Review about 10 years ago

Patch set 1 for branch TYPO3_4-7 has been pushed to the review server.
It is available at http://review.typo3.org/10167

#3

Updated by Gerrit Code Review about 10 years ago

Patch set 1 for branch TYPO3_4-6 has been pushed to the review server.
It is available at http://review.typo3.org/10168

#4

Updated by Gerrit Code Review about 10 years ago

Patch set 2 for branch master has been pushed to the review server.
It is available at http://review.typo3.org/10166

#5

Updated by Wouter Wolters almost 10 years ago

Is abandoned in Gerrit. Don't know if Tolleiv's suggestion is still valid.

#6

Updated by Ernesto Baschny almost 10 years ago

  • Tracker changed from Bug to Feature
  • Status changed from Under Review to Needs Feedback
  • Priority changed from Should have to Could have

As concluded in the now abandonned review session, relying on variables that could be forged by the client is not ideal.

Tolleiv suggested to make the list of fields "configurable". How about a hook in t3lib_div::getIndpEnv to allow extensions to manipulate the return value of the settings "at will"? This provides more flexibility and doesn't require TYPO3-core to handle every Webserver configuration.

#7

Updated by Alexander Opitz almost 9 years ago

  • Status changed from Needs Feedback to New
#8

Updated by Christian Kuhn almost 9 years ago

  • Status changed from New to Closed

Closed this issue for now, a hook to getIntpEnv can be added with #39016

Also available in: Atom PDF