Richard Frovarp schrieb: > Andreas Hartmann wrote: >> Andreas Hartmann schrieb: >> >>> Thorsten Scherler schrieb: >>> >>>> On Tue, 2007-06-26 at 12:13 +0200, Andreas Hartmann wrote: >>>> >>> [...] >>> >>> >>>>> To avoid this, we'd have to use a global SSL proxy URL for the CSS and >>>>> image URLs. IMO we should use the SSL variants of all outgoing links >>>>> on an SSL-encrypted page by default. >>>>> >>>>> WDYT? >>>>> >>>> this.ssl = _request.isSecure(); >>>> >>>> You mean something like this in the setup method of the >>>> proxyTransformer? >>>> >>> Yes, exactly. I'm not quite sure if this works reliably with SSL >>> offloading, but we'll find out. >>> >> >> When the SSL is handled by Apache, request.isSecure() returns false. >> One could try to use an SSL connector in Tomcat, but then the SSL >> encryption CPU processing coulnd't be offloaded in a clustered >> environment. >> >> A workaround might be to use different hostnames (localhost/127.0.0.1) >> in the RewriteRule statements and check for these in the >> ProxyTransformer, but that would be my last choice.
[...] > Couldn't it just use relative paths and let the browser sort out hosts > and protocols? When you need to switch between protocols (http/https) or servers (cms.example.com/www.example.com), you need complete URLs. If you don't, you can configure the ProxyTransformer to produce relative URLs. Maybe we should provide this option for the ProxyModule service too, or introduce a configurable ProxyLinkRewriter service which is used by both of them. -- Andreas -- Andreas Hartmann, CTO BeCompany GmbH http://www.becompany.ch --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
