All geek questions in one place

XForwardedSupport for https! support for the absence of Geroku

I am deploying an application on Heroku and trying to determine if an incoming request is secure (request.secure). This initially returns false on heroku, because nginx handles the SSL operation and communicates via simple http with the application server. Therefore, to play, read the headers that let you know the secure request that I am adding:

XForwardedSupport = 127.0.0.1

In application.conf, as recommended on bulletin boards. However, all requests (except for images) fail, without errors. It seems to be something fundamental before it gets into game magazines. Has anyone experienced this?

+6
source share
3 answers

I don’t think Play supports a way to redirect requests (proxies) to Heroku using the XForwardedSupport configuration XForwardedSupport . This needs to be set to the address of the Heroku load balancer, and there is no way to set this pre-time. Instead, you should simply look at the x-forwarded-proto request header to determine if there was a request to the Heorku balancer via http or https . Maybe something like:

  Boolean secure = false; if (request.headers.get("x-forwarded-proto") != null) { secure = request.headers.get("x-forwarded-proto").values.contains("https"); } System.out.println("secure = " + secure);

WHO: Heroku's cedar stack does not use Nginx. It uses MochiWeb , an Erlang based web server.

+6
source

thnx great time! You saved the hours of fighting heroics + game! I can confirm that when you install this in application.conf

 XForwardedSupport=all

heroku stops complaining about SIGTERM

+3
source

As indicated by @Dan Carley ticket at https://play.lighthouseapp.com/projects/57987/tickets/1406-play-123-124-playmvcrouter-does-not-fully-support-proxied-ssl#ticket-1406-4

When placed on Heroku (as Mirko pointed out) setting XForwardedSupport=all in application.conf works.

+2
source

Source: https://habr.com/ru/post/903808/

More articles:


All Articles