Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-7632

Wrong redirect behind a https proxy on WebSphere when clicking on save&view

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Duplicate
    • Affects Version/s: 3.5
    • Fix Version/s: None
    • Component/s: Old Core
    • Labels:
      None
    • Environment:
      WebSphere 7, reverse HTTPS proxy
    • keywords:
      https, proxy
    • Difficulty:
      Unknown
    • Similar issues:

      Description

      XWiki is on WebSphere behind a reverse proxy which is reached using https and communicate with WebSphere in HTTP. The issue is that the external URL generated by XWiki and provided to sendRedirect has http instead of https in the URL scheme. XWiki expect ServletRequest#isSecure to return true if the client request is a https request but for some reason it's not the case here which makes XWiki produce proper external URL except for the scheme (host and port are properly resolved).

      I have been able to fix this use case by making com.xpn.xwiki.web.getRedirect return a relative URL instead of an absolute one. Even if redirect has to be an absolute URL in the actual HTTP request a Servlet can delegate the resolution of the scheme/host/port to the application server. IMO that's the way to go, XWiki should always return relative URL whenever it's possible.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                tmortagne Thomas Mortagne
                Reporter:
                tmortagne Thomas Mortagne
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: