XForwarded支持https播放!对 Heroku 的支持失败

发布于 12-21 07:05 字数 294 浏览 3 评论 0原文

我正在 Heroku 上部署一个应用程序,并尝试确定传入的请求是否安全(request.secure)。这最初在 Heroku 上返回 false,因为 nginx 处理 SSL 工作并通过纯 http 与应用程序服务器进行通信。因此,为了让 play 读取标头,让我们知道这是一个安全请求,我添加:

XForwardedSupport=127.0.0.1

按照 play 留言板中的建议添加到 application.conf。但是,所有请求(图像除外)都会失败且没有错误。这似乎是在进入播放日志之前发生的一些基本事情。有人经历过这个吗?

I am deploying an app on Heroku and trying to determine whether the request coming in is secure (request.secure). This is initially returning false on heroku because nginx handles the SSL work and communicates over plain http to the app server. So to let play read the headers that let is know it's a secure request I add:

XForwardedSupport=127.0.0.1

To application.conf as recommended in the play message boards. However, then all requests (except for images) fail with no error. It seems to be something fundamental happening before it hits the play logs. Has anyone experienced this?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

蓝眼睛不忧郁2024-12-28 07:05:13

非常感谢!您节省了与heroku+play 斗争的时间!
我可以确认,当你在 application.conf 中设置这个时,

XForwardedSupport=all

heroku 会停止抱怨 SIGTERM

thnx big time! you saved hours of struggling with heroku+play!
I can confirm that when you set this in application.conf

XForwardedSupport=all

heroku stops complaining with SIGTERM

ゞ记忆︶ㄣ2024-12-28 07:05:13

正如 @Dan Carley 票证 https://play.lighthouseapp.com/projects/57987/tickets/1406-play-123-124-playmvcrouter-does-not-filled-support-proxied-ssl#ticket-1406-4< /a>

在 Heroku 上托管时,(如 Mirko 指出的那样)在 application.conf 中设置 XForwardedSupport=all 有效。

As pointed by @Dan Carley ticket on https://play.lighthouseapp.com/projects/57987/tickets/1406-play-123-124-playmvcrouter-does-not-fully-support-proxied-ssl#ticket-1406-4

When hosting on Heroku, (as pointed by Mirko) setting XForwardedSupport=all in application.conf works.

佞臣2024-12-28 07:05:12

我认为 Play 不支持通过 XForwardedSupport 配置参数在 Heroku 上转发(代理)请求的方式。这需要设置为 Heroku 负载均衡器的地址,并且没有办法配置该预运行时。相反,您应该只查看 x-forwarded-proto 请求标头来确定对 Heorku 负载均衡器的请求是通过 http 还是 https。也许是这样的:

    Boolean secure = false;
    if (request.headers.get("x-forwarded-proto") != null) {
      secure = request.headers.get("x-forwarded-proto").values.contains("https");
    }
    System.out.println("secure = " + secure);

顺便说一句:Heroku 的 cedar 堆栈不使用 Nginx。它使用 MochiWeb,一个基于 Erlang 的 Web 服务器。

I don't think Play supports the way that requests are forwarded (proxied) on Heroku via the XForwardedSupport configuration parameter. That would need to be set to the address of the Heroku load balancer and there isn't a way to configure that pre-runtime. Instead, you should just look at the x-forwarded-proto request header to determine if the request to the Heorku load balancer was via http or https. Maybe something like:

    Boolean secure = false;
    if (request.headers.get("x-forwarded-proto") != null) {
      secure = request.headers.get("x-forwarded-proto").values.contains("https");
    }
    System.out.println("secure = " + secure);

BTW: Heroku's cedar stack doesn't use Nginx. It uses MochiWeb, an Erlang-based web server.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文