Skip to content

fix: infer ssl option from host protocol in PostHog::init#111

Open
cat-ph wants to merge 1 commit intomasterfrom
fix/ssl-detection-with-http-host
Open

fix: infer ssl option from host protocol in PostHog::init#111
cat-ph wants to merge 1 commit intomasterfrom
fix/ssl-detection-with-http-host

Conversation

@cat-ph
Copy link
Copy Markdown

@cat-ph cat-ph commented Mar 28, 2026
edited
Loading

ran into this small issue when testing against localhost (on http vs https)

Summary

  • PostHog::cleanHost() strips the protocol from the host before QueueConsumer sees it
  • QueueConsumer checks for http:// prefix to set ssl=false, but the protocol is already gone, so it defaults to ssl=true
  • This causes all requests to http:// hosts (e.g. localhost for local dev) to silently fail with curl error 0, as the SDK tries HTTPS against an HTTP server
  • Now PostHog::init() infers ssl from the host protocol before stripping it, unless the user has explicitly set the ssl option

Changes

  • lib/PostHog.php - detect protocol and set ssl option before cleanHost() strips it
  • test/PostHogTest.php - three new tests: http:// host, https:// host, and http:// via env var

Test plan

  • New tests pass (testInitWithHttpHostSetsSslFalse, testInitWithHttpsHostSetsSslTrue, testInitWithEnvHttpHostSetsSslFalse)
  • Full test suite passes (same pre-existing failures only)
  • phpcs clean on changed files
  • Verified end-to-end against local PostHog instance (localhost:8010)

@cat-ph
fix: infer ssl option from host protocol in PostHog::init
3642c24 
cleanHost() strips the protocol before QueueConsumer sees the host,
so QueueConsumer never detects http:// and defaults ssl to true. This
causes requests to http:// hosts (e.g. localhost) to fail silently
with curl error 0 as the SDK tries to connect via HTTPS.

Now PostHog::init() infers ssl from the host protocol before stripping
it, unless the user has explicitly set the ssl option.
@cat-ph cat-ph requested review from a team, ablaszkiewicz and hpouillot March 28, 2026 11:30
marandaneto
marandaneto reviewed Mar 28, 2026
View reviewed changes
lib/PostHog.php
Comment on lines +45 to +47
if (substr($rawHost, 0, 7) === "http://") {
$options["ssl"] = false;
} elseif (substr($rawHost, 0, 8) === "https://") {
Copy link
Copy Markdown
Member

@marandaneto marandaneto Mar 28, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you do that with startsWith? its likely better than alocating a new string
its less error prone
if PHP < 8 we cna also do like if (strpos($rawHost, "http://") === 0)
do we support PHP 7 and older?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marandaneto marandaneto marandaneto approved these changes

@hpouillot hpouillot Awaiting requested review from hpouillot hpouillot was automatically assigned from PostHog/team-error-tracking

@ablaszkiewicz ablaszkiewicz Awaiting requested review from ablaszkiewicz ablaszkiewicz was automatically assigned from PostHog/team-error-tracking

Assignees

No one assigned

Labels

bump-patch

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cat-ph @marandaneto