hunchentoot icon indicating copy to clipboard operation
hunchentoot copied to clipboard

Published 20 hours ago verified publisher icon edicl

Incorrect redirection to HTTP when application is served using HTTPS reverse proxy

Open flux77 opened this issue 2 years ago • 1 comments

(hunchentoot:redirect ...) redirects to HTTP even when the Hunchentoot web application is served by a reverse proxy that uses HTTPS. If I place a Nginx reverse proxy in front of a Hunchentoot web app, and configure Nginx to serve the web application using HTTPS, Hunchentoot will not know to use HTTPS when redirecting. This is because Hunchentoot does not look at the Forwarded and/or X-Forwarded-Proto HTTP headers that provide information about which protocol Hunchentoot should be using to redirect.

(This bug report is based on this Stack Overflow question: How to redirect to HTTPS when Hunchentoot is behind a reverse proxy)

flux77 avatar May 03 '22 09:05 flux77

Think this is important. Is it possible to fix this, please? Thank you!

rpx99 avatar May 05 '23 18:05 rpx99