http转换为https进入无限循环
我想在jsp中将我的页面http://重定向到https://。
我有一些代码,但它带来了一些问题。
<%
String req_protocol = request.getProtocol().toLowerCase();
String convertHttps = req_protocol.substring(0, req_protocol.indexOf("/")).toLowerCase();
if(convertHttps.equals("http")){
response.sendRedirect("https://xyz.com/signup/signup.jsp");
}
%>
它给出的错误页面为“无限循环”。
I want to redirect my page http:// to https:// in jsp.
I have some code with me, but it is giving some problems.
<%
String req_protocol = request.getProtocol().toLowerCase();
String convertHttps = req_protocol.substring(0, req_protocol.indexOf("/")).toLowerCase();
if(convertHttps.equals("http")){
response.sendRedirect("https://xyz.com/signup/signup.jsp");
}
%>
it is giving error page as "infinite loop".
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
使用
request.isSecure()来确定其是http://还是https://这种转换更适合
Filter还是Servlet而不是 jspUse
request.isSecure()to determine whether itshttp://orhttps://This transition is better suited in
FilterorServletrather than jsp您没有过多提及您的环境,但还有其他一些需要记住的事情。
除了 org.life.java 提到的之外,如果您的应用程序服务器前面有反向代理(例如 Tomcat、Glassfish 等前面的 Apache 或 Pound),那么 SSL 请求可能会被终止在代理处,传递到容器/应用程序服务器的请求只是 HTTP。在这种情况下,您通常希望代理服务器在请求上设置标头,以便 Java 端可以确定它是安全请求。
如果不这样做,将导致无限重定向,因为 Java 端将始终检测到它是 HTTP 并重定向。
You didn't mention much about your environment, but here's something else to keep in mind.
In addition to what org.life.java mentioned, if you have a reverse proxy in front of your application server (think Apache or Pound in front of Tomcat, Glassfish, etc.), then it is possible that the SSL request is being terminated at the proxy and that the request that gets passed on to the container/application server is just HTTP. In this case, you would typically want to have the proxy server set a header on the request so that the Java side can determine that it is a secure request.
Failure to do that will cause an infinite redirect, since the Java side will always detect that it is HTTP and redirect.