Modify detection of HTTPS

heiglandreas · web-flow · commit 0c4e083456a4 · 2019-07-09T17:32:22.000+02:00
This modifies the detection of HTTPS by checking whether the lower-case value of the HTTPS-key of the server variable equals 'on'. Before that checked whether the value did *not* match 'off' which meant that the nginx-default for non-HTTPS connections (which, according to the [documentation](http://nginx.org/en/docs/http/ngx_http_core_module.html#var_https) is an empty string) did in fact match and returned that the connection *is* encrypted. This fixes #362
diff --git a/src/functions/marshal_uri_from_sapi.php b/src/functions/marshal_uri_from_sapi.php
@@ -168,7 +168,7 @@ function marshalUriFromSapi(array $server, array $headers) : Uri
             ));
         }
 
-        return 'off' !== strtolower($https);
+        return 'on' === strtolower($https);
     };
     if (array_key_exists('HTTPS', $server)) {
         $https = $marshalHttpsValue($server['HTTPS']);

Original file line number	Diff line number	Diff line change
`@@ -168,7 +168,7 @@ function marshalUriFromSapi(array $server, array $headers) : Uri`
`168`	`168`	`));`
`169`	`169`	`}`
`170`	`170`
`171`		`- return 'off' !== strtolower($https);`
	`171`	`+ return 'on' === strtolower($https);`
`172`	`172`	`};`
`173`	`173`	`if (array_key_exists('HTTPS', $server)) {`
`174`	`174`	`$https = $marshalHttpsValue($server['HTTPS']);`