Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection

diff --git a/NEWS b/NEWS
index 5ad8640cea43a8f1c2b9592d9f6e6fafdfb8e1f3..99fa152efcf23c39b7f31be417cdacdd6e68c045 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -12,6 +12,9 @@ PHP                                                                        NEWS
   . Added Shift_JIS Emoji (pictograms) support. (rui)
   . Ill-formed UTF-8 check for security enhancements. (rui)
 
+- Improved NSAPI SAPI: (Uwe Schindler)
+  . Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403).
+
 04 Aug 2011, PHP 5.4.0 Alpha 3
 - Added features:
  . Short array syntax, see UPGRADING guide for full details (rsky0711 at gmail 

diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c
index fa73301f62af772ef33ecb876f31c1e311b3b0e8..a2081eb0c8f11c014dc410037cd342ffb7acf14d 100644 (file)
--- a/sapi/nsapi/nsapi.c
+++ b/sapi/nsapi/nsapi.c
@@ -723,7 +723,9 @@ static void sapi_nsapi_register_server_variables(zval *track_vars_array TSRMLS_D
        nsapi_free(value);
 
        php_register_variable("SERVER_SOFTWARE", system_version(), track_vars_array TSRMLS_CC);
-       php_register_variable("HTTPS", (security_active ? "ON" : "OFF"), track_vars_array TSRMLS_CC);
+       if (security_active) {
+               php_register_variable("HTTPS", "ON", track_vars_array TSRMLS_CC);
+       }
        php_register_variable("GATEWAY_INTERFACE", "CGI/1.1", track_vars_array TSRMLS_CC);
 
        /* DOCUMENT_ROOT */