CodeIgniter 2.2.0 在升级后的服务器上运行良好,支持HTTPS/SSL。

huangapple go评论71阅读模式
英文:

CodeIgniter 2.2.0 on upgraded server good save for HTTPS/SSL

问题

我们最近升级了一个10年历史的网站的服务器,主机安装的最低允许的PHP版本是7.4。可以理解。

当我们将旧的CodeIgniter 2.2.0网站迁移到新服务器时,我们对仍然正常工作的内容感到非常惊讶。在解决了一些环境和PHP版本的问题后,我们进行了QA测试。除了主页或"default_controller"路由部分之外,一切都很正常。

如果我通过HTTPS请求通过https://example.com/***admin/***路由的任何资源或其他内容,都可以正常获得200的响应,没有问题。如果我将静态HTML克隆到PHP文件中并将它们放入目录中,它们也可以安全地提供。

我已经尝试过修改index.php和core/CodeIgniter.php等内容,这些请求的响应都可以正常返回200 OK。

但是,如果我请求站点公开可见部分生成的动态文档,它始终返回HTTPS 302 Found -> HTTP 200 OK。

如果我尝试进行非常激进的.htaccess设置,服务器会反击,浏览器会显示"Too many redirects"(重定向次数过多)的错误。

是否有人遇到过类似的问题?我认为核心部分可能悄悄地出现了错误?

英文:

We upgraded our server for a 10 year old website recently and the lowest allowable PHP version the host would install was 7.4. Understandable.

When we moved the old CodeIgniter 2.2.0 site over to the new machine, we were quite surprised with the amount of stuff that was still working. After squashing some environmental and PHP version bugs, we did a QA. Everything is peachy save for the home or "defualt_controller" route stuff.

If I summon any asset or anything routed through https://example.com/admin/ by HTTPS, I get 200 with no issues. If I clone static HTML into PHP files and drop them in to directories, they'll serve securely.

I've tooled around with index.php and even core/CodeIgniter.php and the returns to those requests serve 200 OK under HTTPS.

If I request any dynamically generated document on the publicly visible part of the site, it's constantly HTTPS 302 Found -> HTTP 200 OK

If I do very aggressive .htacccess stuff, the server fights back and the browser goes: "Too many redirects"

Has anyone dealt with this? I am assuming something in the core is silently erroring out?

答案1

得分: 1

在这种特定情况下,库中有一个条件语句,需要$_SERVER['HTTPS']返回TRUE。但是这台服务器返回NULL,于是进入了下一个条件,然后调用了force_non_ssl()函数。

谢谢!

英文:

In this particular case there was a conditional statement in a library that required $_SERVER['HTTPS'] to return TRUE. This server was returning NULL which went to the next condition which summoned force_non_ssl();

Thanks!

huangapple
  • 本文由 发表于 2023年6月13日 08:59:23
  • 转载请务必保留本文链接:https://go.coder-hub.com/76461111.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定