WebFaction
Community site: login faq
0
1

I have a site at example.webfactional.com with a static cgi app bound at /test (nothing modified after app creation). Via http the following redirections are automatically performed (which is fine) :

http://example.webfactional.com/test => http://example.webfactional.com/test/
http://example.webfactional.com/test?bla => http://example.webfactional.com/test/?bla

However if I set the access of the site via https the following redirections occur :

https://example.webfactional.com/test => http://example.webfactional.com/test/
https://example.webfactional.com/test?bla => http://example.webfactional.com/test/?bla

That is they redirect to http instead of https. Is there a way to get them to redirect to https without going through http ?

asked 21 Mar '11, 22:58

Daniel
11114
accept rate: 0%

edited 21 Mar '11, 23:06

I have reconstructed this configuration on a test account and have not experienced this behavior; i.e:

https://example.webfactional.com/test => https://example.webfactional.com/test/

Can you create an example of a parallel application with URL we can see to help debug this? Thanks!

(22 Mar '11, 00:01) ryans ♦♦

https://cira.webfactional.com/test

(22 Mar '11, 05:01) Daniel

This is an old question but I ran into the same problem, so to help whomever also comes across this...

Your application is behind a proxy, namely Apache. Only Apache listens on port 443 (HTTPS). Whenever it receives a request, it decrypts it and forwards it (via HTTP) to your webserver (running on a high port) and your web app. Therefore, your app sees the request as coming via HTTP. Apache has basically stripped the information on whether the request came via HTTP or HTTPS.

When you do a redirect, your app reformats the request and since it thinks it came via HTTP, it forwards it to HTTP.

There are two ways to go about this. If your application should only be accessible via HTTPS, you can specify the proxy base address. Eg. in CherryPy:

'tools.proxy.on': True, 'tools.proxy.base': 'https://cira.webfactional.com/test'

Redirect will now always use 'https://cira.webfactional.com/test' as the base address and you'll be fine.

If your application should be accessible both via HTTP and HTTPS, it's a bit more complicated. Apache should be configured to set a special header in the request using which you can tell whether the request originally came via HTTPS or HTTP. Then you check this header in the application to construct the appropriate redirect.

Hope this is helpful!

permanent link
This answer is marked "community wiki".

answered 07 Mar '12, 06:10

bojanb
112
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×76
×75
×28

question asked: 21 Mar '11, 22:58

question was seen: 15,033 times

last updated: 07 Mar '12, 06:10

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2019 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM