Filipe Castro
Reputation: 1
302 server redirection - 'Location' header URL gets changed from HTTP to HTTPS
I have a Java web app running on Tomcat and am trying to perform a 302 redirection.
The problem is: original request URL uses HTTPS. I want the redirect URL to use HTTP instead:
response.setHeader('Location', 'http://www.google.com');For some reason, after checking the redirection pack with Wireshark, the 'Location' header has 'https://www.google.com' instead.
Is there any configuration I can change so Tomcat respects the protocol I set in the header?
Upvotes: 0
Views: 2621
Answers (1)
Aparna Dasari
Reputation: 31
Does your web.xml have the security-constraint element something similar to...
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Web Pages</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
This will force your http requests to be https.
Upvotes: 1
Related Questions
- response.sendRedirect shows unwanted HttpStatus 302 instead of 307
- 302 redirect loads blank page
- How to disable auto redirect from HTTP to HTTPS on Tomcat
- Spring Boot/Tomcat: HTTP -> HTTPS 301 Redirects
- HTTP to HTTPS redirection issue with Tomcat 8
- Spring RestTemplate redirect 302
- URL redirection in Java return 302 instead of 301
- How to work around POST being changed to GET on 302 redirect?
- HTTP Referer after 302 Redirect
- Tomcat: Issue with redirecting from HTTP to HTTPS