From: justin@...
Date: 2015-01-27T15:51:01+00:00
Subject: [ruby-core:67841] [ruby-trunk - Bug #10789] [Open] X-forwarded-Proto required when using Reverse Proxy

Issue #10789 has been reported by Justin Alcorn.

----------------------------------------
Bug #10789: X-forwarded-Proto required when using Reverse Proxy
https://bugs.ruby-lang.org/issues/10789

* Author: Justin Alcorn
* Status: Open
* Priority: Normal
* Assignee: 
* ruby -v: ruby 2.0.0p353 (2013-11-22) [x86_64-linux]
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
The Webrick library httpserver.rb makes use of the X-Forwarded-* HTTP headers when building link references for 307 responses.  It also requires X-Forwarded-Proto, but this header is not added by default in Apache 2.2 mod_proxy (and possibly others). It defaults to port 80, which can result in 307 responses that redirect to URIs such as

https://host.example.com:80/url

in httprequest.rb:

@forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i


ruby 2.0.0p353 (2013-11-22) [x86_64-linux] on Red Hat Enterprise Linux Server release 6.6 (Santiago)

Workaround is to put 

RequestHeader set X-Forwarded-Proto "https" 

int the Apache conf, but Webrick should Do The Right Thing (tm) Since the header is not present by default.
 



-- 
https://bugs.ruby-lang.org/