[Solved] Location redirects not getting rewritten in mod_proxy
Added by nethead25 about 2 years ago
Hi,
I'm trying to set up an SSL reverse proxy with lighttpd v1.4.55 and am running into an issue.
I have an HTTP-only application on port 8069 that I want to access via HTTPS on port 8070. The issue I am running into is that the application itself has some redirects baked in that are sending an http:// protocol header in the new URL like this:
< HTTP/1.1 303 See Other < Content-Type: text/html; charset=utf-8 < Content-Length: 227 < Location: http://thing.domain.com:8070/web/login
If I manually paste the Location: into Chrome and add the https://, everything works fine. But this header is getting passed back directly to Chrome and is not getting redirected again to the HTTPS site, just returning an empty response. I've tried a few different versions of map-host-response and https-remap settings without any change.
Is there a way to have lighttpd intercept the Location: line and replace http with https?
server.modules += ( "mod_alias", "mod_proxy", "mod_openssl" ) $SERVER["socket"] == ":8070" { $HTTP["scheme"] == "http" { $HTTP["host"] =~ "(.*)" { url.redirect = ("^/(.*)" => "https://%1/$1" ) url.redirect-code = 308 } } # $HTTP["scheme"] == "https" { ssl.engine = "enable" ssl.pemfile = "/etc/lighttpd/combined.pem" ssl.ca-file = "/etc/lighttpd/fullchain.pem" ssl.cipher-list = "EECDH+AESGCM:EDH+AESGCM:AES128+EECDH:AES128+EDH" ssl.honor-cipher-order = "enable" ssl.use-sslv2 = "disable" ssl.use-sslv3 = "disable" ssl.use-compression = "disable" proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => "8069" ) ) ) proxy.header = ("map-host-response" => ("http:" => "https:"), "https-remap" => "enable") } }
Replies (2)
RE: Location redirects not getting rewritten in mod_proxy - Added by gstrauss about 2 years ago
proxy.header = ("map-host-response" => ("http:" => "https:"), "https-remap" => "enable")
"map-host-response"
is for the the "host"/authority. http and https are schemes, not the authority.
You need to specify the authority in "map-host-response"
, and only when that matches does "https-remap" => "enable"
also take effect.
e.g. proxy.header = ("map-host-response" => ("-" => "thing.domain.com:8070"), "https-remap" => "enable")
RE: [Solved] Location redirects not getting rewritten in mod_proxy - Added by nethead25 about 2 years ago
That worked! Thank you so much.