#2 CGI SERVER_PORT patch

closed-fixed
nobody
None
5
2007-06-12
2005-02-09
Karol
No

Patch to correctly supply SERVER_PORT to CGI scripts.
Original code only checked for unusual port numbers,
but otherwise assumed port 80. For https connections
this resulted in port 80 being supplied to CGI instead
of 443. This caused CGI scripts to possibly redirect
the user to unsecure links.

Discussion

  • Karol
    Karol
    2005-02-09

     
    Attachments
  • Karol
    Karol
    2005-02-09

    Logged In: YES
    user_id=1215628

    I forgot to say that the patch is against yaws-1.51.

    Cheers,

    kos

     
  • Claes Wikstrom
    Claes Wikstrom
    2007-06-12

    • status: open --> closed-fixed