Last modified: 2014-09-03 04:28:35 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T72021, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 70021 - WebRequest::detectServer() appends ":80" to hostname when HTTP_X_FORWARDED_PROTO == "https"
WebRequest::detectServer() appends ":80" to hostname when HTTP_X_FORWARDED_PR...
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
1.24rc
All All
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-26 03:16 UTC by Bryan Davis
Modified: 2014-09-03 04:28 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Bryan Davis 2014-08-26 03:16:56 UTC 
Seen in labs when running a MediaWiki-Vagrant configured wiki behind yuviproxy. Configuration sets `$wgServer = WebRequest::detectServer()` which works great when  HTTP_X_FORWARDED_PROTO is unset or http. When it is https, detectServer() adds ":80" to the generated url (eg "https://sulfinalization.wmflabs.org:80").

This is caused by a mismatch between the standard port for https (443) and the active SERVER_PORT reported by Apache (80). detectServer() calls IP::combineHostAndPort( $host, $port=80, $stdPort=443 ) which leads to a return value of $host:80 since the active port and the default port do not match.

I think naively that this could be fixed by choosing to set $port = $stdPort when $_SERVER['HTTP_X_FORWARDED_PROTO'] is set to 'https' and assume the upstream ssl proxy is running on the standard port 443.

Can anyone think of a realistic deployment scenario where this would be the wrong behavior?
Comment 1 Gerrit Notification Bot 2014-08-26 03:55:59 UTC 
Change 156236 had a related patch set uploaded by BryanDavis:
Use protocol default port with HTTP_X_FORWARDED_PROTO

https://gerrit.wikimedia.org/r/156236
Comment 2 Gerrit Notification Bot 2014-09-03 03:51:59 UTC 
Change 156236 merged by jenkins-bot:
Use protocol default port with HTTP_X_FORWARDED_PROTO

https://gerrit.wikimedia.org/r/156236
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links