Reputation: 641
Preventing http redirection over https request on Play! 1.2.x
Even if the request comes over https; inner redirection of play (controller.action call) sends it to http. So my facebook app being blocked by some browsers. The app is on Heroku by the way.
There is some solutions to redirect all request to https, but we don't want this. I need the solution; if request comes as http then process it as http, same for https..
Thanks
Upvotes: 0
Views: 134
Answers (1)
Reputation: 910
The answer here (XForwardedSupport for https play! support on Heroku failing) describes how to detect if the request came into the Heroku routing layer as https or http. Specifically, if the x-forwarded-proto header contains https then the request was secure. By the time if gets into your play app SSL termination has occurred so the Play app sees all requests as insecure.
Upvotes: 1
Related Questions
- How to disable HTTP requests on Heroku and/or auto-redirect to HTTPS?
- Heroku (PlayFramework/Scala) app automatically redirect to https
- Play framework redirect HTTP to https
- How to force Play framework 2 to always use SSL?
- How to enforce https for java Play! app on Heroku?
- Play framework 1.2.5 - Secure redirect issue : request two time?
- Play! framework: HTTPS and HTTP at the same time
- XForwardedSupport for https play! support on Heroku failing
- Https redirect and login cookies on Heroku with Play Framework
- Play! Framework on Heroku: validation.keep() isn't working over HTTPS