on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
Hi folks,

Today I got back to my office after a long weekend to find that a
desktop app I support, which was working fine last week, is blowing up
during a server login process. It's trying to log into a system that
runs on an on-rev server.

Looking at the server globals, I notice this one:

    $_SERVER[HTTP_UPGRADE_INSECURE_REQUESTS] = 1

Does anyone know if this was recently changed?

(grasping at straws here)

Thanks -
Phil Davis

--
Phil Davis

_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
Well if it's straws you are grasping at, I can tell you we had a customer last week who has 2 copiers which suddently began failing scan to SMB share, and nothing we could do would get it to talk to the server. I had another customer call this morning with the same problem. I'm a little concerned that Microsoft "expired" (forced) an update or patch out that may be causing an issue.

Bob S


> On Feb 21, 2017, at 14:33 , Phil Davis via use-livecode <[hidden email]> wrote:
>
> Hi folks,
>
> Today I got back to my office after a long weekend to find that a desktop app I support, which was working fine last week, is blowing up during a server login process. It's trying to log into a system that runs on an on-rev server.
>
> Looking at the server globals, I notice this one:
>
>   $_SERVER[HTTP_UPGRADE_INSECURE_REQUESTS] = 1
>
> Does anyone know if this was recently changed?
>
> (grasping at straws here)
>
> Thanks -
> Phil Davis


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
Thanks Bob - at least there are plenty of straws to go around. Guess
I'll stop guessing and start digging.

Phil


On 2/21/17 2:53 PM, Bob Sneidar via use-livecode wrote:

> Well if it's straws you are grasping at, I can tell you we had a customer last week who has 2 copiers which suddently began failing scan to SMB share, and nothing we could do would get it to talk to the server. I had another customer call this morning with the same problem. I'm a little concerned that Microsoft "expired" (forced) an update or patch out that may be causing an issue.
>
> Bob S
>
>
>> On Feb 21, 2017, at 14:33 , Phil Davis via use-livecode <[hidden email]> wrote:
>>
>> Hi folks,
>>
>> Today I got back to my office after a long weekend to find that a desktop app I support, which was working fine last week, is blowing up during a server login process. It's trying to log into a system that runs on an on-rev server.
>>
>> Looking at the server globals, I notice this one:
>>
>>    $_SERVER[HTTP_UPGRADE_INSECURE_REQUESTS] = 1
>>
>> Does anyone know if this was recently changed?
>>
>> (grasping at straws here)
>>
>> Thanks -
>> Phil Davis
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>

--
Phil Davis


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
WHAT JUST HAPPENED?  The desktop app I mentioned earlier is now (around
6:15 PM Pacific time) suddenly no longer blowing up during login, and
its normal speed has been restored. I suspect someone at Command Central
changed a server setting... but I see my
'HTTP_UPGRADE_INSECURE_REQUESTS' is still turned on.

Whatever magical thing happened, I'm very grateful. But I sure would
like to know what it was so I can tell my client.

Thanks -
Phil



On 2/21/17 3:07 PM, Phil Davis via use-livecode wrote:

> Thanks Bob - at least there are plenty of straws to go around. Guess
> I'll stop guessing and start digging.
>
> Phil
>
>
> On 2/21/17 2:53 PM, Bob Sneidar via use-livecode wrote:
>> Well if it's straws you are grasping at, I can tell you we had a
>> customer last week who has 2 copiers which suddently began failing
>> scan to SMB share, and nothing we could do would get it to talk to
>> the server. I had another customer call this morning with the same
>> problem. I'm a little concerned that Microsoft "expired" (forced) an
>> update or patch out that may be causing an issue.
>>
>> Bob S
>>
>>
>>> On Feb 21, 2017, at 14:33 , Phil Davis via use-livecode
>>> <[hidden email]> wrote:
>>>
>>> Hi folks,
>>>
>>> Today I got back to my office after a long weekend to find that a
>>> desktop app I support, which was working fine last week, is blowing
>>> up during a server login process. It's trying to log into a system
>>> that runs on an on-rev server.
>>>
>>> Looking at the server globals, I notice this one:
>>>
>>>    $_SERVER[HTTP_UPGRADE_INSECURE_REQUESTS] = 1
>>>
>>> Does anyone know if this was recently changed?
>>>
>>> (grasping at straws here)
>>>
>>> Thanks -
>>> Phil Davis
>>
>> _______________________________________________
>> use-livecode mailing list
>> [hidden email]
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>

--
Phil Davis


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
That actually sounds like a constant that determines if HTTP requests get bumped up to HTTPS. So I googled it and discovered that this is pretty much what it does. For a login request, you would expect that this should be enabled, otherwise you are sending passwords in the clear. You probably know all that, but never assume is the IT Tech's motto.

Just tell the client that someone at the server site was working with security certificates and be done with it.

Bob S


> On Feb 21, 2017, at 18:30 , Phil Davis via use-livecode <[hidden email]> wrote:
>
> WHAT JUST HAPPENED?  The desktop app I mentioned earlier is now (around 6:15 PM Pacific time) suddenly no longer blowing up during login, and its normal speed has been restored. I suspect someone at Command Central changed a server setting... but I see my 'HTTP_UPGRADE_INSECURE_REQUESTS' is still turned on.
>
> Whatever magical thing happened, I'm very grateful. But I sure would like to know what it was so I can tell my client.
>
> Thanks -
> Phil


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: on-rev "HTTP_UPGRADE_INSECURE_REQUESTS"

hh via use-livecode
I assumed the same as you but didn't look it up. Good idea about what to
say - thanks Bob!

Phil


On 2/22/17 7:42 AM, Bob Sneidar via use-livecode wrote:

> That actually sounds like a constant that determines if HTTP requests get bumped up to HTTPS. So I googled it and discovered that this is pretty much what it does. For a login request, you would expect that this should be enabled, otherwise you are sending passwords in the clear. You probably know all that, but never assume is the IT Tech's motto.
>
> Just tell the client that someone at the server site was working with security certificates and be done with it.
>
> Bob S
>
>
>> On Feb 21, 2017, at 18:30 , Phil Davis via use-livecode <[hidden email]> wrote:
>>
>> WHAT JUST HAPPENED?  The desktop app I mentioned earlier is now (around 6:15 PM Pacific time) suddenly no longer blowing up during login, and its normal speed has been restored. I suspect someone at Command Central changed a server setting... but I see my 'HTTP_UPGRADE_INSECURE_REQUESTS' is still turned on.
>>
>> Whatever magical thing happened, I'm very grateful. But I sure would like to know what it was so I can tell my client.
>>
>> Thanks -
>> Phil
>
> _______________________________________________
> use-livecode mailing list
> [hidden email]
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>

--
Phil Davis


_______________________________________________
use-livecode mailing list
[hidden email]
Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
Loading...