Config Setting "behind_proxy: true" gives incorrect proxied protocol
Hi, I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration. The application can be accessed via a secure URL: https://some.domain.comand I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting. Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'? Thank you - Gurunandan
On Wed, Apr 4, 2012 at 5:56 PM, Gurunandan Bhat <gbhat@pobox.com> wrote:
Hi,
I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration.
The application can be accessed via a secure URL: https://some.domain.com and I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting.
Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'?
I believe I may have had the same problem (been a while, sorry), and ended up using Plack::Middleware::ReverseProxy instead. My config.yml has this: plack_middlewares: - - Plack::Middleware::ReverseProxy
Thank you - Gurunandan
_______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
Thanks Brian. I am currently attempting to see if setting one of the environment variables *__FORWARDED_PROTOCOL_* to "https" and see if it solves the problem. If it does not I will try your suggestion Thank you once again On Wed, Apr 4, 2012 at 9:47 PM, Brian E. Lozier <brian@massassi.com> wrote:
On Wed, Apr 4, 2012 at 5:56 PM, Gurunandan Bhat <gbhat@pobox.com> wrote:
Hi,
I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration.
The application can be accessed via a secure URL: https://some.domain.com and I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting.
Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'?
I believe I may have had the same problem (been a while, sorry), and ended up using Plack::Middleware::ReverseProxy instead. My config.yml has this:
plack_middlewares: - - Plack::Middleware::ReverseProxy
Thank you - Gurunandan
_______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
On Thu, Apr 5, 2012 at 11:14 AM, Gurunandan Bhat <gbhat@pobox.com> wrote:
Thanks Brian.
I am currently attempting to see if setting one of the environment variables *__FORWARDED_PROTOCOL_* to "https" and see if it solves the problem. If it does not I will try your suggestion
To be clear, my suggestion also requires the proper http headers be set.
Thank you once again
On Wed, Apr 4, 2012 at 9:47 PM, Brian E. Lozier <brian@massassi.com> wrote:
On Wed, Apr 4, 2012 at 5:56 PM, Gurunandan Bhat <gbhat@pobox.com> wrote:
Hi,
I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration.
The application can be accessed via a secure URL: https://some.domain.com and I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting.
Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'?
I believe I may have had the same problem (been a while, sorry), and ended up using Plack::Middleware::ReverseProxy instead. My config.yml has this:
plack_middlewares: - - Plack::Middleware::ReverseProxy
Thank you - Gurunandan
_______________________________________________ Dancer-users mailing list Dancer-users@perldancer.org http://www.backup-manager.org/cgi-bin/listinfo/dancer-users
On Wed, 4 Apr 2012 17:56:34 -0700 Gurunandan Bhat <gbhat@pobox.com> wrote:
Hi,
I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration.
The application can be accessed via a secure URL: https://some.domain.comand I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting.
Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'?
The following environment vars will be consulted to find out the protocol used for the original request, in order: 73 $scheme = $_[0]->env->{'X_FORWARDED_PROTOCOL'} 74 || $_[0]->env->{'HTTP_X_FORWARDED_PROTOCOL'} 75 || $_[0]->env->{'HTTP_FORWARDED_PROTO'} If none of them are being set by Apache, that explains why it's not working for you. Can you dump out request->env and see what's being passed by Apache? -- David Precious ("bigpresh") <davidp@preshweb.co.uk> http://www.preshweb.co.uk/ www.preshweb.co.uk/twitter www.preshweb.co.uk/linkedin www.preshweb.co.uk/facebook www.preshweb.co.uk/cpan www.preshweb.co.uk/github
On Thu, Apr 5, 2012 at 1:52 AM, David Precious <davidp@preshweb.co.uk>wrote:
On Wed, 4 Apr 2012 17:56:34 -0700 Gurunandan Bhat <gbhat@pobox.com> wrote:
Hi,
I am hosting a Dancer Web Application behind an Apache proxy using the recommended (in Dance::Deployment) configuration.
The application can be accessed via a secure URL: https://some.domain.comand I have set 'behind_proxy: "true"' in my config.yml. However when I use [% request.uri_base %], I get http://some.domain.com and not https://some.domain.com which is what I am expecting.
Is there a way to have request.uri_base return the correct proxied protocol (in this case https) rather than 'http'?
The following environment vars will be consulted to find out the protocol used for the original request, in order:
73 $scheme = $_[0]->env->{'X_FORWARDED_PROTOCOL'} 74 || $_[0]->env->{'HTTP_X_FORWARDED_PROTOCOL'} 75 || $_[0]->env->{'HTTP_FORWARDED_PROTO'}
If none of them are being set by Apache, that explains why it's not working for you.
Can you dump out request->env and see what's being passed by Apache?
Thanks David. I dumped request->env and discovered that *none* of the three environment variables were set by Apache. I believe I can get Apache to set these using mod_header. Unfortunately I cannot use mod_header in this deployment. In this event can I just set the environment variable to "https" myself? If yes, which is the best place to set it in the application? Thank you once again.
participants (3)
-
Brian E. Lozier -
David Precious -
Gurunandan Bhat