[eluser]maltzurra[/eluser]
First things first. I'm on vacation away from my computer so I can't use Github. Sorry for that. This should be fixed straight in Github.
The bug happens when base_url is not set. This is the code from Config.php library (now in Common.php as is_https() function).
Code:
function is_https() {
return ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off');
}
The function is poorly written: whitelist > blacklist FTW! If
$_SERVER['HTTPS'] value is "0" or "NULL", it will be set as HTTPS. And it happens depending on the hosting. That's obviously not correct.
Instead, it should be:
Code:
function is_https() {
return (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) === 'on');
}
This way, you can assure HTTPS is ON.
PS: Sorry again for not using Github myself. Would be great if someone could do it himself.
Thanks for your time,
Regards,
Maltz.