Forum: NGINX proxy_redirect not working with https, redirect to http instead of https

proxy_redirect not working with https, redirect to http instead of https
Posted by Alain Spineux (Guest)
on 2007-11-14 13:02
(Received via mailing list) 
Hi

I have a turbogears application running on http://localhost:8080/eg/
I use nginx to provide an HTTPS access.
Everything works except when my apps make redirection, the url is well 
rewritten
but the http is not rewrittent into https, ginving
http://eg01.emailgency.loc/eg/addr/
instead of
https://eg01.emailgency.loc/eg/addr/

I installed nginx 6.16 to test last "mail" features,
but expect to downgrade to stable version.

    server {
        listen               443;
        server_name     eg01.emailgency.loc;
        ssl                  on;
        ssl_certificate      /kolab/etc/kolab/cert.pem;
        ssl_certificate_key  /kolab/etc/kolab/key.pem;

        location /eg/ {
            proxy_pass            http://localhost:8080/eg/;
            proxy_redirect        default;
            #proxy_redirect        http://localhost:8080/eg/
https://eg01.emailgency.loc/eg/; # don't work !
            proxy_set_header      Host $host;
            proxy_set_header      X-Real-IP $remote_addr;
        }

    }

If I add this

    server {
        listen               80;
        rewrite ^(.*)        https://eg01.emailgency.loc$1 redirect;
    }

then its works but with one more redirection

Any idea ?

Regards.
Edit | Move | Delete topic | Reply with quote
Re: proxy_redirect not working with https, redirect to http instead of https
Posted by Igor Sysoev (Guest)
on 2007-11-14 13:09
(Received via mailing list) 
On Wed, Nov 14, 2007 at 12:54:20PM +0100, Alain Spineux wrote:

> 
>             #proxy_redirect        http://localhost:8080/eg/
>         listen               80;
>         rewrite ^(.*)        https://eg01.emailgency.loc$1 redirect;
>     }
> 
> then its works but with one more redirection

Try

-             proxy_redirect        default;
+             proxy_redirect        http://eg01.emailgency.loc/  /;
Edit | Delete | Reply with quote
Re: proxy_redirect not working with https, redirect to http instead of https
Posted by Alain Spineux (Guest)
on 2007-11-14 20:48
(Received via mailing list) 
On Nov 14, 2007 1:03 PM, Igor Sysoev <is@rambler-co.ru> wrote:
> >
> >         location /eg/ {
> > If I add this
> -             proxy_redirect        default;
> +             proxy_redirect        http://eg01.emailgency.loc/  /;

Right, it works tanks Igor.

For the other (and me later :-),  here is the explanations :

When I request :

https://eg01.emailgency.loc/eg/welcome/
My browser build the reques as :

GET /eg/welcome/ HTTPS
Host: eg01.emailgency.loc

Nginx replace /eg/ by /eg/ :-)
and send the identical request using a different protocol "http" to a
different port, but this port is not
updated in "Host:" field because of

proxy_set_header      Host $host;

The request become :

GET /eg/welcome/ HTTP   (here it lost the S)
Host: eg01.emailgency.loc

My application when building a "redirect"  use Host field and return

Location: http://eg01.emailgency.loc/eg/login/

then
             proxy_redirect        http://eg01.emailgency.loc/  /;

just adjust the protocol 'https' the default host
'eg01.emailgency.loc' and return

Location: httpS://eg01.emailgency.loc/eg/login/

BUT if I want to use

             proxy_redirect        default;

I must remove

            proxy_set_header      Host $host;

or replace it by

            proxy_set_header      Host localhost:8080;

Then the "proxy_redirect default" match and works.

Thanks
Edit | Delete | Reply with quote
Re: proxy_redirect not working with https, redirect to http instead of https
Posted by Igor Sysoev (Guest)
on 2007-11-14 20:48
(Received via mailing list) 
On Wed, Nov 14, 2007 at 08:32:17PM +0100, Alain Spineux wrote:

> > > https://eg01.emailgency.loc/eg/addr/
> > >
> > >
> >
> My browser build the reques as :
> 
>              proxy_redirect        http://eg01.emailgency.loc/  /;
> I must remove
> 
>             proxy_set_header      Host $host;
> 
> or replace it by
> 
>             proxy_set_header      Host localhost:8080;
> 
> Then the "proxy_redirect default" match and works.

You are right. Some comments:

1)  to not replace /eg/ by /eg/, you may omit URI part:

      locaiton /eg/ {
-          proxy_pass            http://localhost:8080/eg/;
+          proxy_pass            http://localhost:8080;

2) there is no HTTPS in browser request line:

     GET /eg/welcome/ HTTP/1.0
Edit | Delete | Reply with quote
Re: proxy_redirect not working with https, redirect to http instead of https
Posted by Alain Spineux (Guest)
on 2007-11-15 00:23
(Received via mailing list) 
On Nov 14, 2007 8:42 PM, Igor Sysoev <is@rambler-co.ru> wrote:
> > > > but the http is not rewrittent into https, ginving
> > > >         ssl                  on;
> > > >         }
> > > > then its works but with one more redirection
> > When I request :
> > updated in "Host:" field because of
> > Location: http://eg01.emailgency.loc/eg/login/
> >
> > Then the "proxy_redirect default" match and works.
>
> You are right. Some comments:
>
> 1)  to not replace /eg/ by /eg/, you may omit URI part:
>
>       locaiton /eg/ {
> -          proxy_pass            http://localhost:8080/eg/;
> +          proxy_pass            http://localhost:8080;

Yes, without the "/"

>
> 2) there is no HTTPS in browser request line:
>
>      GET /eg/welcome/ HTTP/1.0

hummm

GET /eg/welcome/ HTTP/1.1

:-)

Thanks for the great soft and your help.
Edit | Delete | Reply with quote
Enable email notification | Enable multi-page view
Please log in before posting. Registration is free and takes only a minute.
Existing account (Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
No account? Register here.
Powered by RForum and Captchator. Contact information - E-Mail: webmaster (at) ruby-forum (dot) com.