Re: Page links returned as http, not https or relative

Sun, 19 Dec 2021 00:36:03 -0800 

Hi Geoff,

I can't reproduce the behavior in our setup, redirecting with relative URLs
while HTTPS works fine.

Which Servlet Container are you using?
AFAIK it's the responsibility of the container to do the right thing and
how to handle relative URLs from sendRedirect.

What's in the "Location" header of the response?
Still a relative URL, or already the HTTP version?

Cheers,
Ben


On Sun, Dec 19, 2021 at 5:59 AM JumpStart <
geoff.callender.jumpst...@gmail.com> wrote:

> I forgot to mention that HTTPS terminates at the load balancer. The app
> server sees just AJP or HTTP.
>
> > On 19 Dec 2021, at 12:10 pm, JumpStart <
> geoff.callender.jumpst...@gmail.com> wrote:
> >
> > Hi all,
> >
> > At long last I’ve moved redirection of HTTP to HTTPS from the app to the
> infrastructure, and set tapestry.secure-enabled <
> https://tapestry.apache.org/configuration.html>=false as recommended in
> https://tapestry.apache.org/https.html <
> https://tapestry.apache.org/https.html> . But now I’m hitting an age-old
> issue: page links are returning absolute URIs with “http” protocol. For
> example:
> >
> >                       Link pageDeniedLink =
> pageRenderLinkSource.createPageRenderLinkWithContext(PageDenied.class,
> >                                       parameters.getLogicalPageName());
> >                       response.sendRedirect(pageDeniedLink);
> >                       break;
> >
> > pageDeniedLink is a relative address, but it seems to be converted to an
> absolute address with “http://“ by the time it gets back to the browser.
> >
> > This appears to have been an issue for a long time, but must have been
> solved, so is there a config change I need to make?
> >
> > From
> https://users.tapestry.apache.narkive.com/dapo2zzk/url-writing-problem-with-production-mode-true
> <
> https://users.tapestry.apache.narkive.com/dapo2zzk/url-writing-problem-with-production-mode-true>
> :
> >
> > "To be clear, it's not an HTTP/HTTPS problem I encountered, it was a
> > relative/absolute URL problem. With it off, the URLs were relative and
> > happy under HTTPS, with it on, the URLs were then set to absolute and
> > used HTTP.”
> >
> > Cheers,
> >
> > Geoff
>
>

Reply via email to