Hi I have a turbogears application running on http://localhost:8080/eg/ I use nginx to provide an HTTPS access. Everything works except when my apps make redirection, the url is well rewritten but the http is not rewrittent into https, ginving http://eg01.emailgency.loc/eg/addr/ instead of https://eg01.emailgency.loc/eg/addr/ I installed nginx 6.16 to test last "mail" features, but expect to downgrade to stable version. server { listen 443; server_name eg01.emailgency.loc; ssl on; ssl_certificate /kolab/etc/kolab/cert.pem; ssl_certificate_key /kolab/etc/kolab/key.pem; location /eg/ { proxy_pass http://localhost:8080/eg/; proxy_redirect default; #proxy_redirect http://localhost:8080/eg/ https://eg01.emailgency.loc/eg/; # don't work ! proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; } } If I add this server { listen 80; rewrite ^(.*) https://eg01.emailgency.loc$1 redirect; } then its works but with one more redirection Any idea ? Regards.
on 14.11.2007 13:02
on 14.11.2007 13:09
On Wed, Nov 14, 2007 at 12:54:20PM +0100, Alain Spineux wrote: > > #proxy_redirect http://localhost:8080/eg/ > listen 80; > rewrite ^(.*) https://eg01.emailgency.loc$1 redirect; > } > > then its works but with one more redirection Try - proxy_redirect default; + proxy_redirect http://eg01.emailgency.loc/ /;
on 14.11.2007 20:48
On Nov 14, 2007 1:03 PM, Igor Sysoev <is@rambler-co.ru> wrote: > > > > location /eg/ { > > If I add this > - proxy_redirect default; > + proxy_redirect http://eg01.emailgency.loc/ /; Right, it works tanks Igor. For the other (and me later :-), here is the explanations : When I request : https://eg01.emailgency.loc/eg/welcome/ My browser build the reques as : GET /eg/welcome/ HTTPS Host: eg01.emailgency.loc Nginx replace /eg/ by /eg/ :-) and send the identical request using a different protocol "http" to a different port, but this port is not updated in "Host:" field because of proxy_set_header Host $host; The request become : GET /eg/welcome/ HTTP (here it lost the S) Host: eg01.emailgency.loc My application when building a "redirect" use Host field and return Location: http://eg01.emailgency.loc/eg/login/ then proxy_redirect http://eg01.emailgency.loc/ /; just adjust the protocol 'https' the default host 'eg01.emailgency.loc' and return Location: httpS://eg01.emailgency.loc/eg/login/ BUT if I want to use proxy_redirect default; I must remove proxy_set_header Host $host; or replace it by proxy_set_header Host localhost:8080; Then the "proxy_redirect default" match and works. Thanks
on 14.11.2007 20:48
On Wed, Nov 14, 2007 at 08:32:17PM +0100, Alain Spineux wrote: > > > https://eg01.emailgency.loc/eg/addr/ > > > > > > > > > My browser build the reques as : > > proxy_redirect http://eg01.emailgency.loc/ /; > I must remove > > proxy_set_header Host $host; > > or replace it by > > proxy_set_header Host localhost:8080; > > Then the "proxy_redirect default" match and works. You are right. Some comments: 1) to not replace /eg/ by /eg/, you may omit URI part: locaiton /eg/ { - proxy_pass http://localhost:8080/eg/; + proxy_pass http://localhost:8080; 2) there is no HTTPS in browser request line: GET /eg/welcome/ HTTP/1.0
on 15.11.2007 00:23
On Nov 14, 2007 8:42 PM, Igor Sysoev <is@rambler-co.ru> wrote: > > > > but the http is not rewrittent into https, ginving > > > > ssl on; > > > > } > > > > then its works but with one more redirection > > When I request : > > updated in "Host:" field because of > > Location: http://eg01.emailgency.loc/eg/login/ > > > > Then the "proxy_redirect default" match and works. > > You are right. Some comments: > > 1) to not replace /eg/ by /eg/, you may omit URI part: > > locaiton /eg/ { > - proxy_pass http://localhost:8080/eg/; > + proxy_pass http://localhost:8080; Yes, without the "/" > > 2) there is no HTTPS in browser request line: > > GET /eg/welcome/ HTTP/1.0 hummm GET /eg/welcome/ HTTP/1.1 :-) Thanks for the great soft and your help.