View Issue Details

IDProjectCategoryView StatusLast Update
0016611phplist applicationStatisticspublic22-05-12 23:03
ReporterPaulD 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
PlatformWindows Server 2008 R2OSWindows Server 2008 R2OS VersionWindows Server 2
Product Version2.10.17 
Target Version4.0.xFixed in Version2.11.7 
Summary0016611: Click Tracking changed URL Protocol HTTPS
DescriptionLogin to the admin part of PHPlist was forced to HTTPS. On sending a mail to the mailing list with click tracking activated the protcol part of all the URLS was changed from "http" to "https". The result was that all the links were "dead" as HTTPS external to our network was blocked by the firewall. Preferably the protocol used for link tracking should be set in the configuration and not assummed to be the same as the login by the admin.
Steps To Reproduce1. Setup PHPList so that the login to the admin goes over HTTPS.
2. Activate link tracking
3. Send a message
=> all links are changed to be "https" instead of "http"
Additional InformationThe global variable "scheme" ist set in admin\init.php at line 34:
---
31: ## @@ would be nice to move this to the config file at some point
32: # http://mantis.phplist.com/view.php?id=15521
33: ## set it on the fly, although that will probably only work with Apache
34: $GLOBALS['scheme'] = (isset($_SERVER['HTTPS']) && (strtolower($_SERVER['HTTPS']) == 'on')) ? 'https' : 'http';
---

"scheme" is used in admin\sendmaillib.php to set "$clicktrack_root":
---
436: $clicktrack_root = sprintf('%s://%s/lt.php',$GLOBALS["scheme"],$website.$GLOBALS["pageroot"]);
---
TagsNo tags attached.

Activities

PaulD

04-05-12 10:22

reporter   ~0051561

Workaround
----------
1: Open access to HTTPS in the company firewall to the server hosting PHPList to allow links in already send mails to be accessed
2: Remove the access via HTTPS to the PHPlist admin interface for future mailings

michiel

04-05-12 12:55

manager   ~0051562


ah, yes, very true. Will be good to have two configs for that, one backend and one frontend.

michiel

22-05-12 23:03

manager   ~0051585

new config PUBLIC_PROTOCOL

http://phplist.svn.sourceforge.net/phplist/?rev=3237&view=rev