Welcome! Log In Create A New Profile

Advanced

Redirect loop in combination with https and apache

Martijn Hodenpijl
December 23, 2013 05:08AM
Hi,

We have a setup with tomcat/apache and nginx.

When a redirect occurs from the application from https to http, the nginx
gets trapped in a redirect loop.

In the apache configuration we have this setting:

<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 month"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
..... more mimetypes

The nginx configuration has this location

location / {
proxy_pass http://def-t-site1/;
proxy_http_version 1.1;
proxy_hide_header Expires;
proxy_hide_header Last-Modified;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_cache http_def;
proxy_cache_key $scheme://$host$uri$is_args$args;
# proxy_cache_key "$scheme://$host$request_uri";
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
add_header Cache-Control "public";
add_header X-Cache-Status $upstream_cache_status;
add_header X-Via $hostname;
}

a similar setting we have for 443 port (https).

If we remove ExpiresDefault "access plus 1 month" from apache, the redirect
loop does not occur. The cache of nginx uses a TTL of 1 month after the
redirect occurs. This causes a redirect loop, since the https request is
cached as well.


So far, we tried several things
- proxy_cache_valid 200 301 0m;
No change in the TTL. The redirect loop is not solved, and the TTL is still
a month.

Then we tried to configure the expire headers in nginx. That solves the
redirect, but unfortunately
the expire headers are not set. We tried for instance:

if ($upstream_http_content_type ~ "image/jpeg") {
expires 2m;
}

or
map $upstream_http_content_type $new_cache_control_header_val {
default $upstream_http_cache_control;
"~*image/jpeg" "max-age=120, must-revalidate";
}

but these settings did not have any effect on the TTL of the images.

So, is there a way to avoid the redirect loop and set the expire header per
mimetype in nginx ?

Thanks!



--
Martijn Gijsberti Hodenpijl
Web Developer Hippo
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Redirect loop in combination with https and apache

Martijn Hodenpijl December 23, 2013 05:08AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 74
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready