#46453 closed defect (bug) (invalid)
REQUEST_URI doesn't contain http string for ssl validation
Reported by: | LogixTree | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | General | Keywords: | |
Focuses: | Cc: |
Description
Hi guys,
I just came around very strange issue. I have been looking at the following code.
<?php if ( force_ssl_admin() && ! is_ssl() ) { if ( 0 === strpos( $_SERVER['REQUEST_URI'], 'http' ) ) { wp_safe_redirect( set_url_scheme( $_SERVER['REQUEST_URI'], 'https' ) ); exit(); } else { wp_safe_redirect( 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] ); exit(); } }
Clearly, We are looking for http string to find out if it's ssl or not.
But under the PHP config. We don't have any http or https string.
Whenever we try to login. It just hang on redirects and end up many redirect.
I tried bypass by adding filter
<?php add_filter('secure_auth_redirect', '__return_false');
But seems like same coding is under wp-login.php.
Attachments (1)
Change History (4)
Note: See
TracTickets for help on using
tickets.
Replying to LogixTree:
Cloudflare was coming in between with it's flexible ssl. Apologies for confusion.