We have a server that has ssl forced - e.g., any requests for http://our.server.edu/ are automatically redirected to https://our.server.edu/. That creates a problem with the security checking code, as it tries to open a socket to port 80 on the same server, receives a 302, and concludes that the file is accessible. I'm attaching a patch to fix this issue...

thanks,

Adrian

CommentFileSizeAuthor
private_upload.module.fsockopen.patch866 bytesacrollet
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

asohn’s picture

asohn CreditAttribution: asohn commented

Thank you for the patch!! Works great!

Jason Jaeger Geoprobe’s picture

Jason Jaeger Geoprobe CreditAttribution: Jason Jaeger Geoprobe commented
Version: 5.x-1.0-rc2 » 6.x-1.0-rc3
Priority: Normal » Major
Issue tags: +ssl

I am unable to download private files in Internet Explorer on pages secured via SSL. I tried to implement this patch (I acknowledge it is for an earlier version) but it does not seem to help.

chrisschaub’s picture

chrisschaub CreditAttribution: chrisschaub commented

Can this patch get committed or a fix for the https issue? Thanks.

JeffVoskamp’s picture

JeffVoskamp CreditAttribution: JeffVoskamp commented

What he said.
I can't believe it's been outstanding this long.
Works for me.

acrollet’s picture

acrollet CreditAttribution: acrollet commented
Version: 6.x-1.0-rc3 » 6.x-1.x-dev

Ha, it's been years since I even thought of this patch. It looks like the last commit on this project was 2 years ago, so I'm not sure if the project's being maintained. The process would be to first set this patch to RTBC if you have tested it and determined that it works well when applied to the latest -dev version. Then, if the maintainer does not respond, you'll want to follow the steps here: http://drupal.org/node/251466

JeffVoskamp’s picture

JeffVoskamp CreditAttribution: JeffVoskamp commented
Status: Needs review » Reviewed & tested by the community

Works fine here.