This modifies the detection of HTTPS by checking whether the lower-case value of the HTTPS-key of the server variable equals 'on'. Before that checked whether the value did not match 'off' which meant that the nginx-default for non-HTTPS connections (which, according to the documentation is an empty string) did in fact match and returned that the connection is encrypted.
This fixes #362
Provide a narrative description of what you are trying to accomplish: See #362
[x] Are you fixing a bug?
[x] Detail how the bug is invoked currently.
[x] Detail the original, incorrect behavior.
[x] Detail the new, expected behavior.
[x] Base your feature on the master branch, and submit against that branch.
[x] Add a regression test that demonstrates the bug, and proves the fix.
weierophinney
commented
5 years ago
This modifies the detection of HTTPS by checking whether the lower-case value of the HTTPS-key of the server variable equals 'on'. Before that checked whether the value did not match 'off' which meant that the nginx-default for non-HTTPS connections (which, according to the documentation is an empty string) did in fact match and returned that the connection is encrypted.
This fixes #362
Provide a narrative description of what you are trying to accomplish: See #362
masterbranch, and submit against that branch.CHANGELOG.mdentry for the fix.