Fwd: HTTP/2: Missing location header on 301 redirects

Valentin V. Bartenev vbart at nginx.com
Fri Aug 14 16:13:23 UTC 2015


On Wednesday 12 August 2015 15:17:36 Joe Shaw wrote:
> Hi,
> 
> I've stripped out most of the SSL parameters, obfuscated a few paths and
> removed a few unrelated rewrite rules, but here it is:
> 
> server {
>         listen 443 ssl http2 default_server;
>         listen [::]:443 ssl http2 default_server ipv6only=on;
>         server_name joeshaw.org;
> 
>         charset utf-8;
> 
>         ssl on;
>         ssl_certificate /etc/redacted.pem;
>         ssl_certificate_key /etc/redacted.key;
> 
>         root /srv/www/joeshaw.org/;
>         index index.html;
>         error_page 404 /404.html;
> 
>         location / {
>                 try_files $uri $uri/ $uri/index.html =404;
>         }
> }
> 
> server {
>         listen 443 ssl http2;
>         listen [::]:443 ssl http2;
>         server_name www.joeshaw.org;
>         charset utf-8;
>         return 301 https://joeshaw.org$request_uri;
> }
> 
> server {
>         listen 80 default_server;
>         listen [::]:80 default_server ipv6only=on;
>         server_name joeshaw.org www.joeshaw.org;
>         charset utf-8;
>         return 301 https://joeshaw.org$request_uri;
> }
> 
> Hope this helps.
> 
> On a related note, after I was looking at my config I realized that I
> probably wanted the second server clause to be the default_server (so it
> always redirected to my main domain regardless of what Host/:authority
> header was provided) and I tried swapping them.  Then whenever I hit
> https://joeshaw.org/ I was entered into a redirection loop.  It seemed like
> it was not checking the :authority pseudo-header and always serving from
> the default_server.
> 
[..]

Thank you for the report.

Both problems should be fixed in the new version of patch:
http://nginx.org/patches/http2/

  wbr, Valentin V. Bartenev



More information about the nginx-devel mailing list