Hrrmmmm.....
And now it seems to have resolved itself. I honestly don't know what fixed
it.
On Wednesday, December 5, 2012 6:31:48 PM UTC-6, Brian Lewis wrote:
>
> Hello All,
>
> I've been racking my brain on this for a couple of days and figured I'd
> post here before I refactor my entire setup. Basically what we are doing
> is, we have two servers - one is a standard apache web node that acts as a
> proxy server and terminates SSL, then we have reviewboard being proxied
> behind that.
>
> I've got everything setup and working with the exception of one piece. I
> can upload a diff, I can add titles, descriptions, reviewers, etc. Tracing
> the requests I can see that https is being returned as the request URL,
> HOWEVER, when you go to publish a review, we get a 304 error and the
> request URL is a non-https link.
>
> I'm doing the rewriting from the web node directly, with a mod_rewrite
> specifically calling out that its proxied (but changing or completely
> removing the options doesn't make any difference) For reference, here's the
> rewrite ::
>
> RewriteCond %{HTTPS} off
> RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L]
>
>
> When I click on publish, essentially I see two requests (and nothing at
> all in the debug logs, etc) The first ::
>
> Request
> URL:*https://reviewboard.boku.com/reviews/api/review-requests/189/?api_format=json
>
> <https://reviewboard.boku.com/reviews/api/review-requests/189/?api_format=json>*
> Request Method:GET
> Status Code:304 NOT MODIFIED
> Request Headersview source
> Accept:application/json, text/javascript, */*
> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
> Accept-Encoding:gzip,deflate,sdch
> Accept-Language:en-US,en;q=0.8
> Cache-Control:max-age=0
> Connection:keep-alive
> Cookie:rbsessionid=bbf077166394571eaaf514053e6c4691;
> __utma=109258518.568604164.1352840613.1352938162.1354736370.4;
> __utmc=109258518; __utmz=109258518.1352929269.2.2.utmcsr=google|utmccn=(
> organic)|utmcmd=organic|utmctr=(not%20provided); csrftoken=
> b6dec71b9219e2090d9d98acf203e1f4
> Host:reviewboard.boku.com
> If-Modified-Since:Wed, 05 Dec 2012 22:02:11 GMT
> Referer:https://reviewboard.boku.com/reviews/r/189/
> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5)
> AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
> X-Requested-With:XMLHttpRequest
> Query String Parametersview URL encoded
> api_format:json
> Response Headersview source
> Cache-Control:max-age=0
> Connection:close
> Date:Thu, 06 Dec 2012 00:12:46 GMT
> Expires:Thu, 06 Dec 2012 00:12:48 GMT
> Server:Apache/2.2.15 (CentOS)
> Vary:Accept,Cookie,Accept-Language
>
> The second ::
>
>
> Request
> URL:*http://reviewboard.boku.com/reviews/api/review-requests/189/draft/
> <http://reviewboard.boku.com/reviews/api/review-requests/189/draft/>*
> Request Method:OPTIONS
> Status Code:200 OK
> Request Headersview source
> Accept:*/*
> Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
> Accept-Encoding:gzip,deflate,sdch
> Accept-Language:en-US,en;q=0.8
> Access-Control-Request-Headers:origin, x-requested-with, content-type,
> accept
> Access-Control-Request-Method:PUT
> Connection:keep-alive
> Host:reviewboard.boku.com
> Origin:https://reviewboard.boku.com
> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5)
> AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
> Response Headersview source
> Allow:GET,HEAD,POST,OPTIONS
> Connection:close
> Content-Length:0
> Content-Type:text/plain; charset=UTF-8
> Date:Thu, 06 Dec 2012 00:12:48 GMT
> Server:Apache
>
>
> literally every other request comes in via HTTPS, clicking on links,
> performing actions, etc. the ONLY thing that fails is publishing. I'm not
> sure what to do next at this point so I wanted to see if anyone had ever
> run into this. Below I will also paste the apache config for the proxy/ssl
> term server and the web head for comparison.
>
>
> SSL Proxy ::
>
> <VirtualHost 192.168.200.124:443>
>
> ServerName reviewboard.COMPANYNAME.com
> <http://reviewboard.companyname.com/>
>
> SSLEngine on
>
> SSLProtocol all -SSLv2
>
> SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
>
> SSLCertificateFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com.crt
> <http://star.companyname.com/star.COMPANYNAME.com.crt>
>
> SSLCertificateKeyFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com.key
> <http://star.companyname.com/star.COMPANYNAME.com.key>
>
> SSLCACertificateFile /etc/pki/entrust-certs/
> star.COMPANYNAME.com/star.COMPANYNAME.com_bundle.crt
> <http://star.companyname.com/star.COMPANYNAME.com_bundle.crt>
>
> # SSLCertificateFile /etc/pki/tls/certs/COMPANYNAME.com.crt
>
> # SSLCertificateKeyFile /etc/pki/tls/certs/COMPANYNAME.com.key
>
> # SSLCACertificateFile /etc/pki/tls/certs/gd_bundle.crt
>
>
> # Default to not cache anything
>
> ExpiresActive On
>
> ExpiresDefault "access plus 0 seconds"
>
>
> # Cache just images
>
> ExpiresByType image/gif "access plus 10 minutes"
>
> ExpiresByType image/jpg "access plus 10 minutes"
>
> ExpiresByType image/png "access plus 10 minutes"
>
>
> proxyPreserveHost On
>
> ProxyRequests On
>
>
> ProxyPass / http://reviewboard01.local-COMPANYNAME.net:8080/
> <http://reviewboard01.local-companyname.net:8080/>
>
> ProxyPassReverse / http://reviewboard01.local-COMPANYNAME.net:8080/
> <http://reviewboard01.local-companyname.net:8080/>
>
> <Location />
>
> ProxyPassReverse /
>
> Order deny,allow
>
> Allow from all
>
> </Location>
>
> RequestHeader edit Location ^http://reviewboard.COMPANYNAME.com/
> <http://reviewboard.companyname.com/> https://reviewboard.COMPANYNAME.com/
> <https://reviewboard.companyname.com/>
>
>
> CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common
>
> ErrorLog /var/log/httpd/reviewboard.COMPANYNAME.com-error.log
>
> SetEnv HTTPS on
>
>
> </VirtualHost>
>
>
> <VirtualHost *:80>
>
> ServerName reviewboard.COMPANYNAME.com
> <http://reviewboard.companyname.com/>
>
> #RewriteEngine on
>
>
> # Rewrite traffic back to https://reviewboard.COMPANYNAME.com
> <https://reviewboard.companyname.com/>
>
> # RewriteCond %{SERVER_NAME} reviewboard.COMPANYNAME.com
> <http://reviewboard.companyname.com/>
>
> # RewriteCond %{HTTPS} !=on
>
> # RewriteRule ^/(.*)$ https://reviewboard.COMPANYNAME.com/$1
> <https://reviewboard.companyname.com/$1> [R=301,PT]
>
>
> RewriteCond %{HTTPS} off
>
> RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R=301,P,PT,L]
>
>
> CustomLog /var/log/httpd/reviewboard.COMPANYNAME.com-access.log common
>
> ErrorLog /var/log/httpd/reviewboard.COMPANYNAME.com-error.log
>
> SetEnv HTTPS on
>
> </VirtualHost>
>
>
>
> Web Node/Node running Reviewboard
>
>
> Listen 8080
>
> <VirtualHost *:8080>
>
> SetEnv HTTPS on
>
> ServerName reviewboard01.local-COMPANYNAME.net
> <http://reviewboard01.local-companyname.net/>
>
> DocumentRoot "/var/www/reviewboard/htdocs"
>
> #LogLevel debug
>
> # Error handlers
>
> ErrorDocument 500 /errordocs/500.html
>
>
> WSGIPassAuthorization On
>
> WSGIScriptAlias "/reviews"
> "/var/www/reviewboard/htdocs/reviewboard.wsgi/reviews"
>
> <Directory "/var/www/reviewboard/htdocs">
>
> AllowOverride All
>
> Options -Indexes FollowSymLinks
>
> Allow from all
>
> </Directory>
>
>
> # Alias static media requests to filesystem
>
> Alias /reviews/media "/var/www/reviewboard/htdocs/media"
>
> Alias /reviews/errordocs "/var/www/reviewboard/htdocs/errordocs"
>
> Alias /reviews/favicon.ico
> "/var/www/reviewboard/htdocs/media/rbcommons/images/favicon.png"
>
>
> Any help here would be greatly appreciated!
>
>
> Best,
>
> Brian
>
--
Get the Review Board Power Pack at http://www.reviewboard.org/powerpack/
---
Sign up for Review Board hosting at RBCommons: https://rbcommons.com/
---
Happy user? Let us know at http://www.reviewboard.org/users/
---
You received this message because you are subscribed to the Google Groups
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
