Details
-
Bug
-
Resolution: Duplicate
-
Major
-
None
-
3.5
-
None
-
WebSphere 7, reverse HTTPS proxy
-
https, proxy
-
Unknown
-
Description
XWiki is on WebSphere behind a reverse proxy which is reached using https and communicate with WebSphere in HTTP. The issue is that the external URL generated by XWiki and provided to sendRedirect has http instead of https in the URL scheme. XWiki expect ServletRequest#isSecure to return true if the client request is a https request but for some reason it's not the case here which makes XWiki produce proper external URL except for the scheme (host and port are properly resolved).
I have been able to fix this use case by making com.xpn.xwiki.web.getRedirect return a relative URL instead of an absolute one. Even if redirect has to be an absolute URL in the actual HTTP request a Servlet can delegate the resolution of the scheme/host/port to the application server. IMO that's the way to go, XWiki should always return relative URL whenever it's possible.
Attachments
Issue Links
- duplicates
-
XWIKI-7699 Should always use relative URL with sendRedirect
- Closed
- is related to
-
XWIKI-5386 URLs created behind a reverse proxy are absolute and don't preserve https protocol
- Closed
-
XWIKI-7637 Wrong external URL behind a https proxy on WebSphere
- Closed