Is there a SSL terminating proxy or load balancer in front of the new installation? x-forwarded-port is more standard and dependable in that case. The other headers are from mod_webobjects.
Chuck On 2017-04-07, 9:31 AM, "Webobjects-dev on behalf of OC" <[email protected] on behalf of [email protected]> wrote: Hi there, my ages-old code to support SSL - gets the request - checks its server_port and x-webobjects-server-port headers - if at least one of them is 443, we were accessed under SSL and all is well and swell. Otherwise, it generates 302 and HTTPS URL to re-direct to the same page under SSL. So far it worked like a charm for long long years. Now I am told that on a new installation on a new product server (I believe it is a Mac OS X 10.11) the redirections keep coming. Having added extra logs, I have found that (a) the server_port is always 80, even when the application is accessed through HTTPS (b) nevertheless, the request contains a header x-forwarded-port with the proper value of 443 Does someone here understand this stuff? Should I check the x-forwarded-port header first, and if it is 443, can I safely ignore server_port and assume the access to application was SSL-protected? Or should I tell them they need to fix their Apache settings, or whatever? Thanks a lot, OC _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/chill%40gevityinc.com This email sent to [email protected] _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
