FAQ
Hi,

What is the canonical way of testing if the current request is
https (ssl)?

I found Apache2::ModSSL which adds $c->is_https but it seems old and not
packaged for debian.

Thanks,

Search Discussions

  • Torsten Förtsch at Jun 12, 2014 at 9:52 am

    On 12/06/14 11:41, Louis-David Mitterrand wrote:
    I found Apache2::ModSSL which adds $c->is_https but it seems old and not
    packaged for debian.
    I am the author of said module. I haven't tried it with the httpd24
    branch. But for httpd 2.2. it is expected to work.

    However, the only reason you might need it is to get access to SSL
    related stuff prior to the response phase. If you only need that
    information in the response phase, you can have mod_ssl set a bunch of
    environment variables accessible via $r->subprocess_env.

    Also, SSL in HTTPD is bound to a certain endpoint on the server. So, if
    you know that your server listens on IP:PORT for SSL connections, you
    can check that using the modperl API.

    Torsten
  • Louis-David Mitterrand at Jun 12, 2014 at 12:56 pm

    On Thu, Jun 12, 2014 at 11:50:45AM +0200, Torsten Förtsch wrote:
    On 12/06/14 11:41, Louis-David Mitterrand wrote:
    I found Apache2::ModSSL which adds $c->is_https but it seems old and not
    packaged for debian.
    I am the author of said module. I haven't tried it with the httpd24
    branch. But for httpd 2.2. it is expected to work.

    However, the only reason you might need it is to get access to SSL
    related stuff prior to the response phase. If you only need that
    information in the response phase, you can have mod_ssl set a bunch of
    environment variables accessible via $r->subprocess_env.

    Also, SSL in HTTPD is bound to a certain endpoint on the server. So, if
    you know that your server listens on IP:PORT for SSL connections, you
    can check that using the modperl API.
    On Thu, Jun 12, 2014 at 01:15:36PM +0200, Winfried Neessen wrote:
    Hi,

    mod_ssl in Apache 2.x has the option to set specific environment variables for
    SSL related stuff. This requires "SSLOptions" directive to be set to at least
    "+StdEnvVars". If that is set, you can access it easily by checking for $ENV{'HTTPS'}.

    See https://httpd.apache.org/docs/current/mod/mod_ssl.html for more information.
    Thank you both for your suggestions.

    I finally settled on: $r->subprocess_env('REQUEST_SCHEME') eq 'https'
  • Winfried Neessen at Jun 12, 2014 at 11:16 am
    Hi,

    mod_ssl in Apache 2.x has the option to set specific environment variables for
    SSL related stuff. This requires "SSLOptions" directive to be set to at least
    "+StdEnvVars". If that is set, you can access it easily by checking for $ENV{'HTTPS'}.

    See https://httpd.apache.org/docs/current/mod/mod_ssl.html for more information.


    Winni
    ----- Original Message -----
    From: "Louis-David Mitterrand" <vindex+lists-modperl@apartia.org>
    To: modperl@perl.apache.org
    Sent: Thursday, June 12, 2014 11:41:15 AM
    Subject: how to detect if current connection is https?

    Hi,

    What is the canonical way of testing if the current request is
    https (ssl)?

    I found Apache2::ModSSL which adds $c->is_https but it seems old and not
    packaged for debian.

    Thanks,

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupmodperl @
categoriesmodperl, perl
postedJun 12, '14 at 9:41a
activeJun 12, '14 at 12:56p
posts4
users3
websiteperl.apache.org

People

Translate

site design / logo © 2018 Grokbase