Problem/Motivation

Drupal determines whether it is serving an HTTPS request (which is not a completely trivial check) right after including the settings.php file. However that logic can be also useful while initializing settings, for instance when crafting base URLs. Currently that logic has to be copied wherever it's needed.

In Drupal 8 we have Symfony\Component\HttpFoundation\Request::isSecure() so this applies only to Drupal 7.

Proposed resolution

Factor out logic to detect HTTPS requests into a drupal_is_https() API function.

Remaining tasks

  • Validate the suggested solution
  • Write a patch
  • Reviews

User interface changes

None

API changes

None, only additions.

Data model changes

None

CommentFileSizeAuthor
#2 drupal-is_https-2821203-2.patch991 bytesplach
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

plach created an issue. See original summary.

plach’s picture

plach
he/him
Primary language Italian
Location Venezia
CreditAttribution: plach at Tag1 Consulting commented
Issue summary: View changes
Status: Active » Needs review
FileSize
drupal-is_https-2821203-2.patch991 bytes
marco’s picture

marco CreditAttribution: marco at Tag1 Consulting commented
Status: Needs review » Reviewed & tested by the community

Reviewed and tested, works as expected and I'd love if this gets merged.

stefan.r’s picture

stefan.r CreditAttribution: stefan.r commented
Issue tags: +Drupal bugfix target, +Needs change record

This seems useful, just wondering if this needs a comment "introduced in Drupal 7.52" or such (to communicate that calling this will break on older core installs), and if small API additions like this can go into a bugfix release or should wait until 7.60.

plach’s picture

plach
he/him
Primary language Italian
Location Venezia
CreditAttribution: plach at Tag1 Consulting commented
Issue tags: -Drupal bugfix target, -Needs change record

Added change record at https://www.drupal.org/node/2824590.

Totally fine with this going into version 7.60: it's not a bug fix so I'd say it's actually the right thing to do. Instead I'm not sure about adding a note with the version the new function was introduced in: we already have the change record and we don't seem to do that anywhere else.

Fabianx’s picture

Fabianx CreditAttribution: Fabianx as a volunteer commented
Issue tags: +Pending Drupal 7 commit, +Drupal 7.60 target

Marking for commit. I am not yet sure this is a 7.60 target, but marking as such for now.

I think we need to talk about this internally.

stefan.r’s picture

stefan.r CreditAttribution: stefan.r commented
Issue tags: -Drupal 7.60 target +Drupal bugfix target

Since this is a very minor addition, 7.60 is a bit away still, and we have a change record for it anyway, let's just add it to the next bugfix release.

  • cfe9983 committed on 7.x 
    Issue #2821203 by plach: Factor out logic to detect HTTPS requests into...
stefan.r’s picture

stefan.r CreditAttribution: stefan.r commented
Status: Reviewed & tested by the community » Fixed
Issue tags: -Pending Drupal 7 commit, -Drupal bugfix target +Needs change record
David_Rothstein’s picture

David_Rothstein CreditAttribution: David_Rothstein as a volunteer commented
Issue tags: -Needs change record +7.54 release notes

I went ahead and published the change record with minor edits.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.