Why does redirecting from HTTPS to HTTP fail in this Rails 4 app (OpenShift)? -

-

when user on http, can redirect him https (ssl) variant so:

redirect_to { protocol: 'https://', domain: 'ssl.tld' }

however, when want do reverse, creates infinite redirection loop. i've tried several variants. mention some:

redirect_to { protocol: 'http://', domain: 'nonssl.tld' }

redirect_to "http://nonssl.tld#{request.fullpath}"

the loop, according log:

000.000.000.000 - - [21/apr/2016:18:50:04 -0100] "get /en http/1.1" 302 887 "https://ssl.tld/en/users/sign_in" "= the_user_agent_here"

whereas https://ssl.tld/en/users/sign_in apparantly referrer/the current page before redirection.

i wonder why get shows path opposed url - given redirect_to "http://nonssl.tld#{request.fullpath}" should explicitly considered absolute url, according docs.

update here relevant part application_controller's before_action:

exceptions = ['errors', 'subscriptions', 'users'] ssl_is_mandatory = ! exceptions.include?(controller_name) currently_on_ssl = request.ssl?  if currently_on_ssl   if !current_user && !ssl_is_mandatory     logger.debug "#{__method__}: visitor on ssl, ssl not desired. redirecting non_ssl"     redirect_to "http://my.domain#{request.fullpath}"   end  else   if current_user || ssl_is_mandatory     logger.debug "#{__method__}: on no-ssl, user in session or ssl mandatory. redirecting ssl"     redirect_to { protocol: 'https://', domain: 'my.ssldomain' }   end end

update: requested marc in comments, here request headers:

request headers ssl domain

# curl -s -i https://ssl.tld http/1.1 302 found date: mon, 02 may 2016 23:33:34 gmt server: apache/2.2.15 (red hat) x-frame-options: sameorigin x-xss-protection: 1; mode=block x-content-type-options: nosniff cache-control: no-cache x-request-id: 8d182c5e-cec6-46c0-b845-eafe2d313fe2 x-runtime: 0.005948 x-powered-by: phusion passenger 4.0.18 location: https://ssl.tld/en content-length: 895 status: 302 found content-type: text/html; charset=utf-8 set-cookie: gear=local-554148915973ca816300021b; path=/  # curl -s -i https://ssl.tld/en http/1.1 200 ok date: mon, 02 may 2016 23:33:52 gmt server: apache/2.2.15 (red hat) x-frame-options: sameorigin x-xss-protection: 1; mode=block x-content-type-options: nosniff etag: "acf44db83201e4da25659ab8545936b3" cache-control: max-age=0, private, must-revalidate x-request-id: 671d9407-0cdd-4401-9537-abff660e1b18 x-runtime: 0.078496 x-powered-by: phusion passenger 4.0.18 content-length: 10964 status: 200 ok content-type: text/html; charset=utf-8 cache-control: private set-cookie: gear=local-554148915973ca816300021b; path=/ vary: accept-encoding

request headers nonssl domain

# curl -s -i http://nonssl.tld http/1.1 302 found date: mon, 02 may 2016 23:34:16 gmt server: apache/2.2.15 (red hat) x-frame-options: sameorigin x-xss-protection: 1; mode=block x-content-type-options: nosniff cache-control: no-cache x-request-id: 9f7b4341-0489-48fa-b15d-b45f787db690 x-runtime: 0.007811 x-powered-by: phusion passenger 4.0.18 location: http://nonssl.tld/en content-length: 873 status: 302 found content-type: text/html; charset=utf-8 set-cookie: gear=local-554148915973ca816300021b; path=/  # curl -s -i http://nonssl.tld/en http/1.1 200 ok date: mon, 02 may 2016 23:34:47 gmt server: apache/2.2.15 (red hat) x-frame-options: sameorigin x-xss-protection: 1; mode=block x-content-type-options: nosniff etag: "05294c86e7f806ebf2e90c5f52fd7497" cache-control: max-age=0, private, must-revalidate x-request-id: 25a0ac8c-6cba-4a83-9a15-b95474436a3e x-runtime: 0.290131 x-powered-by: phusion passenger 4.0.18 content-length: 10877 status: 200 ok content-type: text/html; charset=utf-8 cache-control: private set-cookie: gear=local-554148915973ca816300021b; path=/ vary: accept-encoding

update

i further simplified redirection code in application_controller's before_action:

def debug_toggle_ssl   if params[:x].eql?('yes')     redirect_to "http://nonssl.tld#{request.fullpath}"   end end

so now, reproduce issue:

  1. go https://ssl.tld
  2. try go https://ssl.tld/?x=yes
  3. notice how loop https://ssl.tld caused (http://nonssl.tld never requested)


Comments

Post a Comment

Popular posts from this blog

html - Styling progress bar with inline style -

-
i trying set progress bar color red using inline style. need in way because have access <body> part of document. style need apply: progress { color: red } progress::-moz-progress-bar { background: red;} progress::-webkit-progress-value { background: red; } progress[aria-valuenow]:before { background: red; } i tried <progress style="background: red;"> incorrect effect, progress bar color turns blue red background. guide right direction desired style? thank in advance. here live example: https://jsfiddle.net/z36d3f6l/
Read more

java - Oracle Sql developer error: could not install some modules -

-
i have downloaded fresh copy of sqldeveloper ( sqldeveloper-4.1.3.20.78-no-jre ) oracle website. when unzip , lauch gui, keep getting following error message: warning - not install modules: dynamic module config - no module providing capability org.netbeans.netbinox found. my system: windows 7 32 bit hp probook. jdk 1.6 , 1.7, 1.8 available in java/jdk subdirectory. netbeans 8.0.2 installed finally got way out after dirty hours. extracted sqldeveloper zip in nested directory. i.e: e://a/b/c/sqldeveloper. starting sqldeveloper gui above directory threw erros. solution: go in c:\users**username**\appdata\roaming : delete sql developer , sqldeveloper folders extract sql developer zip in new non nested directory. i.e: e:// start , should work now reference: https://community.oracle.com/thread/3870680?start=0&tstart=0
Read more

How to use autoclose brackets in Jupyter notebook? -

-
this may sound silly question, how make use of autoclose brackets in jupyter notebook? example, when type print( jupyter notebook auto-closes brakets print() and places cursor inside. type argument, say print(1 + 1) now cursor between second 1 , right bracket ) . key navigate right of ) ? of course can press end or → or ) achieve this, not seem save time, purpose of brackets autoclose suppose? thanks in advance.
Read more