Forcing spring hateoas to generate https links instead of http

Question

I'm using spring-boot:1.3.3, spring-hateoas:0.19.0 and spring-data-rest-core:2.4.4.

{
  "_embedded" : {
    "projects" : [ {
      "status" : "ACTIVE",
      "storageRegion" : "US",
      "dataSize" : 96850,
      "freemiumUnits" : 1,
      "_links" : {
        "self" : {
          "href" : "http://example.com/x-region-us/api/data/projects/2c9f93b755359a4a015535c19b1f0006"
        },
        "project" : {
          "href" : "http://example.com/x-region-us/api/data/projects/2c9f93b755359a4a015535c19b1f0006"
        },

This is example of content served by spring-hateoas. After a while I switched my application to SSL.

Problem comes when using traverson.js to jump(hop) through "_links". Error occures:

traverson.min.js:2 Mixed Content: The page at 'https://example.com/project-new' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://example.com/x-region-us/api/data/submittalActions'. This request has been blocked; the content must be served over HTTPS.

Is there a way to force spring to generate HTTPS links over HTTP in "_links" part of json?

Answer 1

If you use Apache Http Server, you need add in the config file this line:

RequestHeader set X-Forwarded-Proto "https"

Answer 2

Add the below headers to NginX

proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Prefix $http_x_forwarded_prefix;
proxy_set_header X-Forwarded-Host $http_x_forwarded_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Url-Scheme https;
proxy_http_version 1.1;