Chrome and Firefox automatically redirect to https on one site
I have a Drupal site that runs on nginx and php-fpm with HAProxy balancing between multiple servers.
I have two services set up for HAProxy: http and https.
If I go to http://subdomain.domain.com, it works fine.
If I go to https://subdomain.domain.com, it also works fine.
If I then go back to http, it now redirects to https. This happens in Firefox and Chrome, but not in IE.
Is there some setting somewhere that redirects to https automatically if it knows that it exists? Perhaps if a secure header is set?
I tried looking at LiveHTTPHeaders, but it only shows the https portion at this point.
I tried looking in Chrome, and it says this:
t=1312233405229 [st= 0] +REQUEST_ALIVE [dt=192]
t=1312233405229 [st= 0] URL_REQUEST_START_JOB [dt= 0]
--> load_flags = 1114241 (ENABLE_LOAD_TIMING | MAIN_FRAME | VALIDATE_CACHE | VERIFY_EV_CERT)
--> method = "GET"
--> priority = 0
--> url = "http://subdomain.domain.com/"
t=1312233405229 [st= 0] +URL_REQUEST_START_JOB [dt= 0]
--> load_flags = 1114241 (ENABLE_LOAD_TIMING | MAIN_FRAME | VALIDATE_CACHE | VERIFY_EV_CERT)
--> method = "GET"
--> priority = 0
--> url = "http://subdomain.domain.com/"
t=1312233405229 [st= 0] URL_REQUEST_REDIRECTED
--> location = "https://subdomain.domain.com/"
It seems to be doing a redirect, but doesn't say why.
I tried sniffing with Wireshark, but wasn't able to make any sense of it, as I can't get the SSL decryption to work (I have the key).
Comments (1)
I have figured this out. I had a setting in nginx: add_header Strict-Transport-Security "max-age=7200"; This is a new feature supported by Chrome and Firefox 4: chromium.org/sts
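
The sequence in the question follows from how a browser stores the Strict-Transport-Security header named in the answer. The sketch below is an added example, not code from the post or from any browser: a simplified model of the client-side rules in RFC 6797, with hypothetical class and function names and a constructed replay of the question's visits.

```javascript
// Simplified model of a browser's HSTS store (RFC 6797). Class and method
// names are hypothetical; this is not Chrome's or Firefox's actual code.
class HstsStore {
  constructor() { this.hosts = new Map(); } // host -> { expires, includeSubDomains }

  // Process a response. The header is honoured only over HTTPS (RFC 6797, 8.1).
  noteResponse(url, headers, nowMs) {
    const u = new URL(url);
    const value = headers["strict-transport-security"];
    if (u.protocol !== "https:" || value === undefined) return;
    const directives = value.split(";").map((d) => d.trim().toLowerCase());
    const maxAge = directives.map((d) => /^max-age="?(\d+)"?$/.exec(d)).find(Boolean);
    if (!maxAge) return; // max-age is required; ignore the header without it
    const seconds = Number(maxAge[1]);
    if (seconds === 0) { this.hosts.delete(u.hostname); return; } // max-age=0 clears
    this.hosts.set(u.hostname, {
      expires: nowMs + seconds * 1000,
      includeSubDomains: directives.includes("includesubdomains"),
    });
  }

  // Return the URL the browser will actually request.
  rewrite(url, nowMs) {
    const u = new URL(url);
    if (u.protocol !== "http:") return u.href;
    const labels = u.hostname.split(".");
    for (let i = 0; i < labels.length; i++) {
      const entry = this.hosts.get(labels.slice(i).join("."));
      const applies = entry && entry.expires > nowMs && (i === 0 || entry.includeSubDomains);
      if (applies) { u.protocol = "https:"; return u.href; } // upgraded before any request is sent
    }
    return u.href;
  }
}

// Constructed replay of the sequence in the question, with the header from the answer.
function replay() {
  const store = new HstsStore();
  const hsts = { "strict-transport-security": "max-age=7200" };
  const http = "http://subdomain.domain.com/";
  const out = [];
  out.push(store.rewrite(http, 0));                  // before any HTTPS visit: stays http
  store.noteResponse(http, hsts, 0);                 // header seen over plain HTTP: ignored
  out.push(store.rewrite(http, 1000));               // still http
  store.noteResponse("https://subdomain.domain.com/", hsts, 2000); // the HTTPS visit
  out.push(store.rewrite(http, 3000));               // now upgraded to https
  out.push(store.rewrite(http, 2000 + 7200 * 1000)); // two hours later: policy expired
  return out;
}
```

Serving the header with max-age=0 over HTTPS removes the stored entry, which is how a site withdraws the policy from browsers that already recorded it.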