Kevin Menard created MODCLUSTER-296:
Summary: Set X_FORWARDED_PROTO header when serving SSL
Issue Type: Feature Request
Reporter: Kevin Menard
Assignee: Jean-Frederic Clere
I'm using mod_cluster to connect my Torquebox server to Apache 2, serving up a Rails
application. Since SSL termination is occurring at the Apache level, all communication
between Apache and Torquebox (AS 7.1) is done without SSL. Rails then thinks it's
working over plain HTTP and alters it's behavior accordingly: any generated URLs will
use the "http" scheme and it will not allow the creation of cookies with the
"secure" attribute set. I don't know if other frameworks behave similarly,
but I suspect some do.
As it turns out, setting the X_FORWARDED_PROTO header to "https" fixes the
problem in Rails. It then knows that it's being served up over SSL. I've added
it to my vhost, but it'd be nice if mod_cluster handled this out of the box. Unlike
other proxy startegies, there's no clear way to tell mod_cluster to communicate over a
secure channel to the AS instance. I think setting this header then is in keeping with
the expected behavior.
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
For more information on JIRA, see: http://www.atlassian.com/software/jira