[dancer-users] redirects with SSL

Zahir Lalani ZahirLalani at oliver.agency
Mon Mar 21 09:05:06 GMT 2016



> -----Original Message-----
> From: dancer-users [mailto:dancer-users-bounces at dancer.pm] On Behalf Of
> Chad Wallace
> Sent: 21 March 2016 00:00
> To: dancer-users at dancer.pm
> Subject: Re: [dancer-users] redirects with SSL
> 
> On Sun, 20 Mar 2016 15:12:34 -0700
> Chad Wallace <cwallace at lodgingcompany.com> wrote:
> 
> >
> > > > > Our systems sit behind a load balancer which off-loads SSL, so
> > > > > dancer only ever sees http connections. It mostly does not
> > > > > matter as the load balancer handles the reverse. However using
> > > > > the built in redirect is the issue as dancer only knows that the
> > > > > connection (inside the network) is http. It is not aware that it
> > > > > actually is https. So the redirect header of course sends out an
> > > > > http link. Is there any way to configure this so it is made
> > > > > aware of the fact that it needs to be https?
> > > >
> > > > Have you tried setting the behind_proxy config parameter to true?
> > >
> > > No I was not aware of that. Looking at that now
> >
> > Did this work out for you?  I'm currently trying to deploy a similar
> > setup, with X-Forwarded-Host and X-Forwarded-Protocol as suggested in
> > Dancer2::Config, but the "behind_proxy" config setting is being
> > ornery.  I've got it set to 1 in all three config files (overkill),
> > and the "is_behind_proxy" request flag is ALWAYS 0!
> 
> > PS, I'm using Dancer2 0.152000 on Debian Jessie.
> 
> Looks like this is already fixed...
> 
> https://github.com/PerlDancer/Dancer2/issues/730
> 

Hi Chad

This works perfect for us.

In the dancer conf we have:

# Make Dancer proxy aware
behind_proxy: true

and in the apache conf:

  #So Dancer knows the protocol
  RequestHeader set X_FORWARDED_PROTO "https"


Z


More information about the dancer-users mailing list