Incorrect redirect protocol when behind a reverse proxy
Glenn Maynard
glenn at zewt.org
Thu Jul 25 14:42:49 UTC 2013
On Thu, Jul 25, 2013 at 5:11 AM, Jonathan Matthews
<contact at jpluscplusm.com>wrote:
> What does this mean? Do you see SSL traffic, or do you mean heroku
> terminates the ssl leaving you with http connections only?
>
Heroku handles SSL, and nginx sees only HTTP traffic.
> > This mostly works fine, but nginx has one problem with it: since it
> thinks the protocol is http, any redirects (such as trailing-slash
> redirects) go to http instead of https.
>
> Show us some config that generates these redirects.
>
> > The usual fix for this is X-Forwarded-Proto, but nginx doesn't support
> that yet
>
> That doesn't make sense to me. What is there to support? You can just
> write your redirect directives using X-F-P instead of hard coding the
> scheme.
>
I'm not hardcoding anything. Nginx is generating its own redirects. The
case I'm seeing currently is ngx_http_static_module redirecting to add a
trailing slashes to URLs.
> You've gone into the code far too early IMHO. There's usually a way to
> change nginx's behaviour in config.
>
I've gone into the code precisely to find out how to do that, since the
documentation wasn't helping. I was surprised to discover that the
protocol seems to be hardcoded.
> Do all requests have x-f-p? 100%? Then just change your redirects to
> reference it.
>
I don't have any redirects. Nginx is doing this on its own.
--
Glenn Maynard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130725/79b7dc06/attachment.html>
More information about the nginx
mailing list