CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM (Moderator: Dave Greenberg) »
  • civicrm forces some urls to https in nginx/1.1.19
Pages: [1]

Author Topic: civicrm forces some urls to https in nginx/1.1.19  (Read 50780 times)

Michael McAndrew

  • Forum Godess / God
  • I live on this forum
  • *****
  • Posts: 1274
  • Karma: 55
    • Third Sector Design
  • CiviCRM version: various
  • CMS version: Nearly always Drupal
  • MySQL version: 5.5
  • PHP version: 5.3
civicrm forces some urls to https in nginx/1.1.19
July 04, 2012, 03:23:02 pm
I found out that the ubuntu 12.04 version of nginx does not like some aspects of SSL in CRM/Core/Config.php.

if you do a view source you will find that it looks for https://ff.dev/misc/ui/jquery.ui.button.css?m6np71
not https://ff.dev/misc/ui/jquery.ui.button.css?m6np71.

Note that this affects servers that do NOT serve https as well as those that do.

Kurund pointed me here:

Quote
Index: CRM/Core/Config.php
===================================================================
--- CRM/Core/Config.php   (revision 41370)
+++ CRM/Core/Config.php   (working copy)
@@ -265,7 +265,7 @@
       $this->userFrameworkBaseURL = CRM_Utils_System::languageNegotiationURL($this->userFrameworkBaseURL);
 
       if (isset($_SERVER['HTTPS']) &&
-        strtolower($_SERVER['HTTPS']) != 'off'
+        strtolower($_SERVER['HTTPS']) == 'on'
       ) {
         $this->userFrameworkBaseURL = str_replace('http://', 'https://',

The problem with the previous code is that on nginx nginx/1.1.19 (on ubuntu 12.04 with php-fpm at least) $_SERVER['HTTPS'] is set and does not equal off, but it doesn't equal on either (it is an empty string - see below).

http://
Quote
Array
(
    [USER] => www-data
    [HOME] => /var/www
    [FCGI_ROLE] => RESPONDER
    [QUERY_STRING] =>
    [REQUEST_METHOD] => GET
    [CONTENT_TYPE] =>
    [CONTENT_LENGTH] =>
    [SCRIPT_FILENAME] => /projects/ff/git/drupal/test.php
    [SCRIPT_NAME] => /test.php
    [REQUEST_URI] => /test.php
    [DOCUMENT_URI] => /test.php
    [DOCUMENT_ROOT] => /projects/ff/git/drupal
    [SERVER_PROTOCOL] => HTTP/1.1
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_SOFTWARE] => nginx/1.1.19
    [REMOTE_ADDR] => 192.168.56.1
    [REMOTE_PORT] => 56850
    [SERVER_ADDR] => 192.168.56.101
    [SERVER_PORT] => 80
    [SERVER_NAME] => ff.dev
    [HTTPS] =>
    [REDIRECT_STATUS] => 200
    [HTTP_HOST] => ff.dev
    [HTTP_CONNECTION] => keep-alive
    [HTTP_CACHE_CONTROL] => max-age=0
    [HTTP_USER_AGENT] => Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.3
    [HTTP_COOKIE] => Drupal.tableDrag.showWeight=0; SESS80fc0fb9266db7b83f85850fa0e6548b=VDOshhqruGY2AgY0oCr6j_QpCif-bVq1x0TMcF2UgRc; SESS2615aa4f1839f7e2e673a7efd1af3f12=Ty2LahUJ3dDOuUFo7MzcHO_P0crjl6N7wwPkdqIWzA8; has_js=1; Drupal.toolbar.collapsed=0; __utma=215129536.1197738165.1340105020.1341421449.1341438038.7; __utmb=215129536.3.10.1341438038; __utmc=215129536; __utmz=215129536.1340105020.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=2%7C25%2C17%7C26%2C29%7C27
    [PHP_SELF] => /test.php
    [REQUEST_TIME] => 1341431181
)

https://
Quote
Array
(
    [USER] => www-data
    [HOME] => /var/www
    [FCGI_ROLE] => RESPONDER
    [QUERY_STRING] =>
    [REQUEST_METHOD] => GET
    [CONTENT_TYPE] =>
    [CONTENT_LENGTH] =>
    [SCRIPT_FILENAME] => /projects/ff/git/drupal/test.php
    [SCRIPT_NAME] => /test.php
    [REQUEST_URI] => /test.php
    [DOCUMENT_URI] => /test.php
    [DOCUMENT_ROOT] => /projects/ff/git/drupal
    [SERVER_PROTOCOL] => HTTP/1.1
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_SOFTWARE] => nginx/1.1.19
    [REMOTE_ADDR] => 192.168.56.1
    [REMOTE_PORT] => 57315
    [SERVER_ADDR] => 192.168.56.101
    [SERVER_PORT] => 443
    [SERVER_NAME] => ff.dev
    [HTTPS] => on
    [REDIRECT_STATUS] => 200
    [HTTP_HOST] => ff.dev
    [HTTP_CONNECTION] => keep-alive
    [HTTP_USER_AGENT] => Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.3
    [HTTP_COOKIE] => Drupal.tableDrag.showWeight=0; SESS80fc0fb9266db7b83f85850fa0e6548b=VDOshhqruGY2AgY0oCr6j_QpCif-bVq1x0TMcF2UgRc; SESS2615aa4f1839f7e2e673a7efd1af3f12=Ty2LahUJ3dDOuUFo7MzcHO_P0crjl6N7wwPkdqIWzA8; Drupal.toolbar.collapsed=0; has_js=1; __utma=215129536.1197738165.1340105020.1341421449.1341438038.7; __utmb=215129536.7.10.1341438038; __utmc=215129536; __utmz=215129536.1340105020.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __atuvc=2%7C25%2C17%7C26%2C33%7C27
    [PHP_SELF] => /test.php
    [REQUEST_TIME] => 1341432971
)

This seems like a step in the right direction but it doesn't solve the problem (See next post).
« Last Edit: July 04, 2012, 05:19:20 pm by michaelmcandrew »
Service providers: Grow your business, build your reputation and support CiviCRM. Become a partner today

Michael McAndrew

  • Forum Godess / God
  • I live on this forum
  • *****
  • Posts: 1274
  • Karma: 55
    • Third Sector Design
  • CiviCRM version: various
  • CMS version: Nearly always Drupal
  • MySQL version: 5.5
  • PHP version: 5.3
Re: civicrm forces some urls to https in nginx/1.1.19
July 04, 2012, 05:17:40 pm
Hey there,

The plot thickens.

It seems that I have traced this a bit further and it seems even with the patch applied, that whenever civicrm_initialize is called, the URLs get redirected, e.g.

it looks for https://ff.dev/misc/ui/jquery.ui.button.css?m6np71
not https://ff.dev/misc/ui/jquery.ui.button.css?m6np71

I looked at the output of this in a drupal module and I got
   civicrm_initialize();
   $config = CRM_Core_Config::singleton( );
   print_r($config);

Quote
    [userFrameworkBaseURL] => http://ff.dev/
    [userFrameworkResourceURL] => https://ff.dev/sites/all/modules/civicrm/

amongst other things, which seemed weird to me as http://ff.dev/civicrm/admin/setting/url?reset=1 is reporting the civicrm resource url to be http://ff.dev/sites/all/modules/civicrm.

anyone want to put me out of my misery???
Service providers: Grow your business, build your reputation and support CiviCRM. Become a partner today

Michael McAndrew

  • Forum Godess / God
  • I live on this forum
  • *****
  • Posts: 1274
  • Karma: 55
    • Third Sector Design
  • CiviCRM version: various
  • CMS version: Nearly always Drupal
  • MySQL version: 5.5
  • PHP version: 5.3
Re: civicrm forces some urls to https in nginx/1.1.19
July 05, 2012, 08:03:03 am
Quote
It seems that I have traced this a bit further and it seems even with the patch applied, that whenever civicrm_initialize is called, the URLs get redirected

to clarify, the URLs get forced to https when civicrm_initialize(); is called in a hook. As soon as I comment out the call to civicrm_initialize(); the urls do not get forced to https.

Michael
Service providers: Grow your business, build your reputation and support CiviCRM. Become a partner today

Michael McAndrew

  • Forum Godess / God
  • I live on this forum
  • *****
  • Posts: 1274
  • Karma: 55
    • Third Sector Design
  • CiviCRM version: various
  • CMS version: Nearly always Drupal
  • MySQL version: 5.5
  • PHP version: 5.3
Re: civicrm forces some urls to https in nginx/1.1.19
July 09, 2012, 09:26:02 am
Hey there,

Grepping for SERVER['HTTPS'] threw up a few more places where this happens, including a fair number in the packages directory (though not sure if these will actually cause us any issues).

I filled this issue with a patch: http://issues.civicrm.org/jira/browse/CRM-10500 which seems to fix nginx tho not sure if it breaks apache :)

Code: [Select]
~/civicrm$ grep -rn SERVER.*HTTPS .
./packages/dompdf/include/functions.inc.php:269:      $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://';
./packages/OpenFlashChart/php-ofc-library/open-flash-chart-object.php:40:    if (isset ($_SERVER['HTTPS']))
./packages/OpenFlashChart/php-ofc-library/open-flash-chart-object.php:42:        if (strtoupper ($_SERVER['HTTPS']) == 'ON')
./packages/kcfinder/integration/drupal.php:58:            $base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
./packages/tcpdf/config/tcpdf_config_alt.php:58: if(isset($_SERVER['HTTPS']) AND (!empty($_SERVER['HTTPS'])) AND strtolower($_SERVER['HTTPS'])!='off') {
./packages/tcpdf/config/tcpdf_config.php:62: if(isset($_SERVER['HTTPS']) AND (!empty($_SERVER['HTTPS'])) AND strtolower($_SERVER['HTTPS'])!='off') {
./packages/Net/URL.php:146:            $this->protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https' : 'http');
./packages/Pager/Common.php:45:    $http = (isset($_SERVER['HTTPS']) && ('on' == strtolower($_SERVER['HTTPS']))) ? 'https://' : 'http://';
./packages/HTML/QuickForm/Action/Jump.php:105:        $https  = !empty($_SERVER['HTTPS']) && ('off' != $_SERVER['HTTPS']);
./CRM/Utils/ReCAPTCHA.php:85:        if ( isset( $_SERVER['HTTPS'] ) &&
./CRM/Utils/ReCAPTCHA.php:86:            strtolower( $_SERVER['HTTPS'] ) != 'off' ) {     
./CRM/Utils/System.php:843:             ( ! isset( $_SERVER['HTTPS'] ) ||
./CRM/Utils/System.php:844:               strtolower( $_SERVER['HTTPS'] )  == 'off' ) &&
./CRM/Core/Config.php:267:            if ( isset( $_SERVER['HTTPS'] ) &&
./CRM/Core/Config.php:268:                 strtolower( $_SERVER['HTTPS'] ) != 'off' ) {
./CRM/Core/Config.php:460:            if ( isset( $_SERVER['HTTPS'] ) &&
./CRM/Core/Config.php:461:                 strtolower( $_SERVER['HTTPS'] ) != 'off' ) {
./install/civicrm.php:228:    if ( ! isset( $_SERVER['HTTPS'] ) ||
./install/civicrm.php:229:         strtolower( $_SERVER['HTTPS'] )  == 'off' ) {
Service providers: Grow your business, build your reputation and support CiviCRM. Become a partner today

Michael McAndrew

  • Forum Godess / God
  • I live on this forum
  • *****
  • Posts: 1274
  • Karma: 55
    • Third Sector Design
  • CiviCRM version: various
  • CMS version: Nearly always Drupal
  • MySQL version: 5.5
  • PHP version: 5.3
Re: civicrm forces some urls to https in nginx/1.1.19
July 18, 2012, 06:09:02 am
Hey there,

So this is now fixed in 4.2. If you need to backport, see the patch (though you can ignore all the lines we have removed the line break between static and function since that is just code clean up).

Michael
Service providers: Grow your business, build your reputation and support CiviCRM. Become a partner today
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM (Moderator: Dave Greenberg) »
  • civicrm forces some urls to https in nginx/1.1.19

This forum was archived on 2017-11-26.