Closed
Bug 432484
Opened 16 years ago
Closed 14 years ago
CakePHP's FULL_BASE_URL does not handle Netscalers+HTTPS
Categories
(addons.mozilla.org Graveyard :: Public Pages, defect, P5)
Tracking
(Not tracked)
RESOLVED
WONTFIX
4.x (triaged)
People
(Reporter: wenzel, Unassigned)
References
()
Details
(Whiteboard: [qa-])
The global constant FULL_BASE_URL is set by CakePHP automatically (see the API: http://api.cakephp.org/paths_8php-source.html) and should handle HTTPS correctly but due to the netscalers, we have to perform a different check. This leads to all URLs that contain HTTPS being displayed as HTTP only on AMO, at the moment, such ass RSS feeds (bug 425729). In config/bootstrap.php, there is a bunch of workaround code to fix FULL_BASE_URL if it doesn't contain https:// but that could be saved if we fixed the constant in the first place. (FYI, we need to check for $_SERVER['HTTP_MOZ_REQ_METHOD'] == 'HTTPS').
Reporter | ||
Comment 1•16 years ago
|
||
(In reply to comment #0) > This leads to all URLs that contain HTTPS being displayed as HTTP only on AMO All *absolute* URLs, I mean -- there aren't too many of them fortunately.
Comment 2•16 years ago
|
||
or you can use SITE_URL which is defined by IT in config for every production and staging site we have because I didn't know the auto-constant existed until it was too late.
Reporter | ||
Comment 3•16 years ago
|
||
Looking at http://api.cakephp.org/controller_8php-source.html#l00376, this problem is likely the cause for bug 412015. When using redirect(), the complete URL is generated using FULL_BASE_URL; if that does not contain https correctly, we redirect to http, and that shouldn't happen. CCing clouserw as 412015 is his bug.
Blocks: 412015
Target Milestone: --- → 3.4.3
Updated•16 years ago
|
Target Milestone: 3.4.3 → 3.x (triaged)
Comment 4•16 years ago
|
||
Did we make up HTTP_MOZ_REQ_METHOD? Google has no results for that string. Just wondering if we could send a patch to cakephp for anyone else behind a proxy.
Reporter | ||
Comment 5•16 years ago
|
||
(In reply to comment #4) > Did we make up HTTP_MOZ_REQ_METHOD? The MOZ in it makes me believe so.
Comment 6•16 years ago
|
||
oremj would know
Comment 7•16 years ago
|
||
I can add SetEnv HTTPS to the apache vhost, so you can use the regular $_SERVER['HTTPS'] check. Just make sure you aren't looking at SERVER_PORT, because it will not be port 443.
Comment 8•16 years ago
|
||
That sounds fine. We don't use SERVER_PORT anywhere. This sounds like something we should test on a box with SSL before we switch it on the live site. Can you do this on preview.amo?
Comment 9•15 years ago
|
||
(In reply to comment #0) > This leads to all URLs that contain HTTPS being displayed as HTTP only on AMO, > at the moment, such ass RSS feeds (bug 425729). In config/bootstrap.php, there > is a bunch of workaround code to fix FULL_BASE_URL if it doesn't contain > https:// but that could be saved if we fixed the constant in the first place. I'm happy to do this still, but where is a URL example? The RSS feeds are all relative as far as I can tell.
Updated•15 years ago
|
Severity: normal → trivial
Priority: -- → P5
Reporter | ||
Comment 10•15 years ago
|
||
There are a few instances of this in our code: $ grep -ir full_base_url * config/bootstrap.php: $fullbaseurl = FULL_BASE_URL; config/bootstrap.php: $fullbaseurl = FULL_BASE_URL; tests/views/addons/searchengines.test.php: .'"'.FULL_BASE_URL.$this->controller->base.'/'.LANG.'/'.APP_SHORTNAME.'/'.FILES_URL.'/'.'"\+fileid\+"/"\+basename\+".src",[\s]*' tests/views/addons/searchengines.test.php: .'"'.FULL_BASE_URL.$this->controller->base.'/'.LANG.'/'.APP_SHORTNAME.'/images/addon_icon/"\+addonid\+"/"\+basename\+"."\+ext,[\s]*' views/addons/share.thtml: $url = FULL_BASE_URL . $html->url("/addon/{$addon_id}"); views/collections/share.thtml: $url = FULL_BASE_URL . $html->url("/collection/{$collection_uuid}"); views/editors/email/inforequest_plain.thtml:Please go to <?=FULL_BASE_URL.$html->url("/developers/discuss/{$info['infoid']}", true, false, false)?> to reply. views/editors/email/inforequest_reply_plain.thtml:Please go to <?=FULL_BASE_URL.$html->url("/developers/discuss/{$info['infoid']}", true, false, false)?> if you would like to reply. views/editors/email/notify_update_plain.thtml:URL: <?=FULL_BASE_URL.$html->url("/addon/{$info['id']}", true, false)?> views/editors/email/notify_update_plain.thtml:Review Link: <?=FULL_BASE_URL.$html->url("/editors/review/{$info['versionid']}", true, false)?> views/editors/email/notify_version_comment_plain.thtml:Comment Link: <?=FULL_BASE_URL.$html->url("/editors/review/{$info['versionid']}#editorComment{$info['commentid']}", true, false)?> views/editors/email/notify_version_comment_plain.thtml:This notification was sent to you because you have participated in the discussion of this review. You can manage all subscriptions at: <?=FULL_BASE_URL.$html->url('/users/edit#profile-notifications')?> views/editors/review.thtml: echo ' <b>'.$html->link($platforms[$file['platform_id']], '/downloads/file/'.$file['id'].'/'.$file['filename'], array('onClick' => $this->controller->Amo->installTrigger($addon['Addon']['addontype_id'], FULL_BASE_URL.$html->url('/downloads/file/'.$file['id'].'/'.$file['filename']), $addon['Translation']['name']['string'].' '.$version['Version']['version'], '', $file['hash']).' return false;')).'</b>'; views/elements/install.thtml: 'engineURL' => FULL_BASE_URL . $html->urlFile($file['id'], $file['filename'], @$collection_uuid), views/helpers/install_button.php: 'engineURL' => FULL_BASE_URL . $this->Html->urlFile($file['id'], $file['filename'], $this->collectionUuid()), judging my comment 2, we could just go ahead and use that everywhere, then stop worrying about Cake's constant.
Reporter | ||
Comment 11•15 years ago
|
||
(line-break fail)
Reporter | ||
Comment 12•14 years ago
|
||
This is in Remora: We won't fix this anymore.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WONTFIX
Whiteboard: [qa-]
Assignee | ||
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•