Skip to content

fix: infer ssl option from host protocol in PostHog::init#111

Merged
cat-ph merged 1 commit intomasterfrom
fix/ssl-detection-with-http-host
Mar 30, 2026
Merged

fix: infer ssl option from host protocol in PostHog::init#111
cat-ph merged 1 commit intomasterfrom
fix/ssl-detection-with-http-host

Conversation

@cat-ph
Copy link
Copy Markdown
Contributor

@cat-ph cat-ph commented Mar 28, 2026
edited
Loading

ran into this small issue when testing against localhost (on http vs https)

Summary

  • PostHog::cleanHost() strips the protocol from the host before QueueConsumer sees it
  • QueueConsumer checks for http:// prefix to set ssl=false, but the protocol is already gone, so it defaults to ssl=true
  • This causes all requests to http:// hosts (e.g. localhost for local dev) to silently fail with curl error 0, as the SDK tries HTTPS against an HTTP server
  • Now PostHog::init() infers ssl from the host protocol before stripping it, unless the user has explicitly set the ssl option

Changes

  • lib/PostHog.php - detect protocol and set ssl option before cleanHost() strips it
  • test/PostHogTest.php - three new tests: http:// host, https:// host, and http:// via env var

Test plan

  • New tests pass (testInitWithHttpHostSetsSslFalse, testInitWithHttpsHostSetsSslTrue, testInitWithEnvHttpHostSetsSslFalse)
  • Full test suite passes (same pre-existing failures only)
  • phpcs clean on changed files
  • Verified end-to-end against local PostHog instance (localhost:8010)

@cat-ph cat-ph requested review from a team, ablaszkiewicz and hpouillot March 28, 2026 11:30
marandaneto
marandaneto reviewed Mar 28, 2026
View reviewed changes
Comment thread lib/PostHog.php Outdated
@cat-ph
fix: infer ssl option from host protocol in PostHog::init
94188f8 
cleanHost() strips the protocol before QueueConsumer sees the host,
so QueueConsumer never detects http:// and defaults ssl to true. This
causes requests to http:// hosts (e.g. localhost) to fail silently
with curl error 0 as the SDK tries to connect via HTTPS.

Now PostHog::init() infers ssl from the host protocol before stripping
it, unless the user has explicitly set the ssl option.
@cat-ph cat-ph force-pushed the fix/ssl-detection-with-http-host branch from 3642c24 to 94188f8 Compare March 30, 2026 07:11
@marandaneto
Copy link
Copy Markdown
Member

marandaneto commented Mar 30, 2026

@cat-ph https://github.com/PostHog/posthog-php#release-process
you also need the relese label

@cat-ph cat-ph added the release label Mar 30, 2026
@cat-ph
Copy link
Copy Markdown
Contributor Author

cat-ph commented Mar 30, 2026

ah woops, good spot, thanks!

@cat-ph cat-ph merged commit 4b9fe1e into master Mar 30, 2026
14 checks passed
@cat-ph cat-ph deleted the fix/ssl-detection-with-http-host branch March 30, 2026 07:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marandaneto marandaneto marandaneto approved these changes

@hpouillot hpouillot Awaiting requested review from hpouillot hpouillot was automatically assigned from PostHog/team-error-tracking

@ablaszkiewicz ablaszkiewicz Awaiting requested review from ablaszkiewicz ablaszkiewicz was automatically assigned from PostHog/team-error-tracking

Assignees

No one assigned

Labels

bump-patch release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cat-ph @marandaneto