From: Uwe Schindler <thetaphi@php.net>
Date: Thu, 11 Aug 2011 20:25:24 +0000 (+0000)
Subject: Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection
X-Git-Tag: php-5.5.0alpha1~1557
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=96eff171611d04fc8025c0c526a589de63226a49;p=php

Bug #55403: Don't set $_SERVER['HTTPS'] on unsecure connection
---

diff --git a/sapi/nsapi/nsapi.c b/sapi/nsapi/nsapi.c
index fa73301f62..a2081eb0c8 100644
--- a/sapi/nsapi/nsapi.c
+++ b/sapi/nsapi/nsapi.c
@@ -723,7 +723,9 @@ static void sapi_nsapi_register_server_variables(zval *track_vars_array TSRMLS_D
 	nsapi_free(value);
 
 	php_register_variable("SERVER_SOFTWARE", system_version(), track_vars_array TSRMLS_CC);
-	php_register_variable("HTTPS", (security_active ? "ON" : "OFF"), track_vars_array TSRMLS_CC);
+	if (security_active) {
+		php_register_variable("HTTPS", "ON", track_vars_array TSRMLS_CC);
+	}
 	php_register_variable("GATEWAY_INTERFACE", "CGI/1.1", track_vars_array TSRMLS_CC);
 
 	/* DOCUMENT_ROOT */