Commit d8a2bbb2 authored by lkmorlan's avatar lkmorlan

RT-Ticket: #238300

uw_security: No HTTPS rediretion when PHP is running from the command line, such as by Drush.
parent 973e3ffe
......@@ -11,7 +11,7 @@ function uw_security_form_alter(&$form, &$form_state, $form_id) {
// Flag form as secure for theming purposes.
$form['#https'] = TRUE;
// POST requests are not redirected, to prevent unintentional redirects which result in lost POST data.
if (!$is_https && $_SERVER['REQUEST_METHOD'] !== 'POST') {
if (!$is_https && $_SERVER['REQUEST_METHOD'] !== 'POST' && !drupal_is_cli()) {
// Ignore the destination for this redirect (it was preserved in the query).
unset($_GET['destination']);
// Can't use https option to url() because we are not setting the https global variable (which is bad for security).
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment