HTTPS redirects behind a reverse HTTPS terminating proxy
Brought to you by:
sindre_mehus
Menu
▾
▴
1 Attachments
#23 HTTPS redirects behind a reverse HTTPS terminating proxy
When Subsonic uses HTTP behind a reverse proxy that terminates incoming HTTPS, redirects performed by Subsonic will redirect to HTTP and not HTTPS.
This patch makes Subsonic redirect to HTTPS.
See:
- http://jira.codehaus.org/browse/JETTY-264
- http://wiki.eclipse.org/Jetty/Tutorial/Apache#Configuring_mod_proxy_http
Example Apache HTTPD mod_proxy configuration:
ProxyPreserveHost On <Location /subsonic> ProxyPass http://localhost:8081/subsonic retry=0 ProxyPassReverse http://localhost:8081/subsonic Allow from all </Location> <LocationMatch "/subsonic(?!(/stream|coverArt.view))"> SSLRequireSSL RequestHeader set X-Forwarded-Proto https </LocationMatch>
The attached patch has been generated by svn diff.
Discussion
Anonymous
View and moderate all "patches Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Patches"
Any progress on this?
I am finding that I cannot use an SSL terminating proxy with subsonic because it ignores the standard header fields.
View and moderate all "patches Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Patches"
Please implement something like this. It is much easier to setup letsencrypt using a reverse proxy rather than making it work with jetty.
View and moderate all "patches Discussion" comments posted by this user
Mark all as spam, and block user from posting to "Patches"
I'm having the same problem. Any news?
I found a solution which applies the NGINX, this may have an equivilant in apache. This basically seems to correct any redirects so that they go to https instead of http
proxy_redirect http:// $scheme://;
https://serverfault.com/questions/372886/prevent-nginx-from-redirecting-traffic-from-https-to-http-when-used-as-a-reverse