[dev] Force SSL in imp login.

Micha Kersloot micha at kovoks.nl
Tue Aug 24 06:11:48 PDT 2004


Hi,

On 24-aug-04, at 14:44, Jan Schneider wrote:

> Zitat von Micha Kersloot <micha at kovoks.nl>:
>
>> Hi,
>>
>> I'm trying to set up horde/imp on a non default port (8080). I've 
>> found
>> out that imp makes the urls absolute in stead of relative, creating
>> urls to non-existing ports. I saw the update in cvs ( Enable
>> login-only-SSL in IMP and Gollem.) which creates this problem, but 
>> what
>> is the reason for this patch an shouldn't this be dependant on the
>> use_ssl configuration setting?
>
> It *is* an use_ssl setting and it works only if you use default ports, 
> this
> is by design.

The thing is that (excuse me if i'm looking in the wrong direction) 
Horde::url sets $full to true if force_ssl = true. This is what happens 
in the next line from imp/login.php:
$formAction = Horde::url('redirect.php', false, -1, true)

The consequence is that http://localhost:8080/horde is rebuild to 
http://localhost/horde (which is strange now that i'm looking a little 
bit longer to the Horde::url function.)

So, i've found something out now. (which you probably all know already) 
$_SERVER['SERVER_PORT'] is the port as set in the apache configuration 
and not the port the client connected to.

So my problem is the fact that i am connecting to a forwarded port and 
well, I don't think it will work this way. I'll try something else and 
thank you for your time.

Met vriendelijke groet,

Micha Kersloot
http://www.mailwasserette.nl/



More information about the dev mailing list