Welcome! Log In Create A New Profile

Re: listen proxy_protocol and rewrite redirect scheme

Forum List Message List New Topic Print View

Francis Daly

September 25, 2016 04:38AM

On Thu, Sep 22, 2016 at 07:57:17AM -0400, adrhc wrote:

Hi there,

> I'm just a bit surprised that "port_in_redirect off" does not also
> work. But that's ok -- I'm often surprised.
> There's a "if" in src/http/ngx_http_header_filter_module.c which changes
> port's value from 443 to 0 when on ssl + port initially 443 so
> https://adrhc.go.ro/ffp_0.7_armv5 would redirect to http when
> port_in_redirect is off.

Ah, right, that makes sense.

As it happens, that is only necessary because your extra patch cares
about when port=443. Potentially, a fuller solution to the "use https
redirects even though this is http" question would not care about "port",
and so "port_in_redirect" would not matter then.

But as I said: what you have works for you, and is therefore good as-is.

> "... but I don't know what is the set of conditions under which you would
> want this ssl-rewrite to happen, and how you would go about configuring
> that."
> I'm not sure I understand what you mean (my bad english); the entire setup
> is one allowing me to access my home server through the corporate firewall
> wile not breaking what I already have (my web sites):

My intention was: *if* there were to be some directive or variable in
nginx that could be set to get nginx to use https redirects even though
nginx believes that the connection is over http; *then* how and where
would that directive or variable be set?

Until the "then" has a clear answer, the "if" will not happen.

But also: it does not matter right now. You have an adequate solution for
you; if someone else has the same problem and wants a fuller solution,
they can worry about it then.

> "It looks like nobody else has had that particular use case ..."
> This seems odd for me; I'm sure I'm not the only guy starving for open ports
> to internet (only 80 and 443 allowed) :D

Possibly other people came up with different solutions, or did not use
nginx in the same way that you are using it.

Anyway - it is good that you found a solution, and thanks for having
shared it.

Cheers,

f
--
Francis Daly francis@daoine.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
listen proxy_protocol and rewrite redirect scheme	adrhc	September 16, 2016 11:12AM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 16, 2016 02:48PM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 02:36AM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 03:11AM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 17, 2016 08:12AM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 09:25AM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 11:24AM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 12:05PM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 17, 2016 08:24AM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 01:42PM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 17, 2016 01:51PM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 20, 2016 03:38PM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 21, 2016 03:25AM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 21, 2016 12:44PM
Re: listen proxy_protocol and rewrite redirect scheme	adrhc	September 22, 2016 07:57AM
Re: listen proxy_protocol and rewrite redirect scheme	Francis Daly	September 25, 2016 04:38AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 302

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018