#2 CGI SERVER_PORT patch

closed-fixed
nobody
None
5
2007-06-12
2005-02-09
kos
No

Patch to correctly supply SERVER_PORT to CGI scripts.
Original code only checked for unusual port numbers,
but otherwise assumed port 80. For https connections
this resulted in port 80 being supplied to CGI instead
of 443. This caused CGI scripts to possibly redirect
the user to unsecure links.

Discussion

  • kos
    kos
    2005-02-09

     
    Attachments
  • kos
    kos
    2005-02-09

    Logged In: YES
    user_id=1215628

    I forgot to say that the patch is against yaws-1.51.

    Cheers,

    kos

     
  • Claes Wikstrom
    Claes Wikstrom
    2007-06-12

    • status: open --> closed-fixed