DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8752>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=8752 HTTPS redirect fails if using welcome-file ------- Additional Comments From [EMAIL PROTECTED] 2003-09-26 18:30 ------- I have just double checked this with the test case provided. This is absolutely, definitely, postively, certainly and without the slightest iota of doubt NOT a tomcat bug. This is an IE bug. I have tried exactly the same test case with Mozilla and it works perfectly. You see it when there is a sequence of two redirects. In this case there is one redirect to use SSL and another to the welcome page (I haven't bothered to check the order in which this happens in but I am fairly sure it is SSL first). This is what happens: When the page is requested, Tomcat first redirects to SSL and then performs a second redirect to the welcome file. The response sent by IE to the first redirect comes in on port 8443 but the request headers refer to port 8080 (read in org.apache.coyote.http11.Http11Processor.parseHost()). This causes the second redirect to fail because the port in the request is used when constructing the second redirect. You will not see this problem if the standard ports are used because standard ports are not included in the request and Tomcat defaults to these if the port is not specified in the headers. Work arounds are: 1. Use the standard ports 2. Use a two stage re-direct I initiated a discussion on tomcat-dev about options to solve this a few months ago and after going around in circles, concluded that the best thing to do was to leave it as is. The main reasons for this were: - It is an IE not a tomcat bug - Production systems tend to use standard ports and will therefore be fine - All of the fixes identified broke something else or intoduced security issues. If you search the tomat-dev archives for "13861" you should find the various e- mails that went back and forth. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
