You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm using redirect_to because the site is behind a reverse proxy that routes different paths to different hosts, so the Host header that gets passed to this particular server is something totally different and not user-friendly, like ec2-1234.aws.amazon.com. I really only want Rack::SslEnforcer to redirect if the protocol is http instead of https. But currently because of redirect_required?, this actually causes a redirect loop. Is this behavior intentional? It seems like it's beyond the scope of this gem to always canonicalize the hostname.
I can work around the problem like this: ignore: -> (request) { request.env['HTTP_X_FORWARDED_PROTO'] == 'https' }
The text was updated successfully, but these errors were encountered:
aripollak
changed the title
use_redirect always forcing redirect, even for HTTP
use_redirect always forcing redirect, even for HTTPS
May 20, 2016
Currently, I have the following configuration:
I'm using
redirect_to
because the site is behind a reverse proxy that routes different paths to different hosts, so the Host header that gets passed to this particular server is something totally different and not user-friendly, likeec2-1234.aws.amazon.com
. I really only want Rack::SslEnforcer to redirect if the protocol is http instead of https. But currently because of redirect_required?, this actually causes a redirect loop. Is this behavior intentional? It seems like it's beyond the scope of this gem to always canonicalize the hostname.I can work around the problem like this:
ignore: -> (request) { request.env['HTTP_X_FORWARDED_PROTO'] == 'https' }
The text was updated successfully, but these errors were encountered: