Phil, You could issue a pull request on GitHub:
https://github.com/Jasig/phpCAS Thanks, Carl Waldbieser ITS Systems Programmer Lafayette College ----- Original Message ----- From: "Phil Romov" <pro...@harryfox.com> To: cas-user@lists.jasig.org Sent: Monday, June 8, 2015 10:56:41 AM Subject: [cas-user] Bugfix for phpCAS _isHttps() I found what seems to be a bug in the _isHttps() function Amongs other things, it looks for $_SERVER[‘HTTPS’] != ‘off’, but on my php server (zend server living on iseries) $_SERVER[‘HTTPS’] is set to ‘OFF’ instead. So the function returns true, even though https is set to OFF (then phpcas generates service=https:// for cas to redirect to, and the redirect doesn’t work) To fix it, I use strtolower: private function _isHttps() { var_dump($_SERVER); if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) { return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https'); } if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off' ) { return true; } else { return false; } } Please let me know where to post this, if cas-user isn’t the right place Thanks Phil -- You are currently subscribed to cas-user@lists.jasig.org as: waldb...@lafayette.edu To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user