https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=25548
--- Comment #1 from David Cook <[email protected]> --- Also, if you have a reverse proxy in front of Apache and you proxy using HTTP rather than HTTPS, Apache will generate fully qualified HTTP URLs for the Redirect, which cause one of the two scenarios: Scenario 1: 1) Client (C) requests HTTPS from Reverse Proxy (RP) 2) RP requests HTTP from Apache (A) 3) A sends HTTP redirect to RP 4) RP sends HTTP redirect to C 5) C requests HTTP from RP Now you've just downgraded your HTTPS to HTTP by accident Scenario 2 (Force HTTPS): 1) Client (C) requests HTTPS from Reverse Proxy (RP) 2) RP requests HTTP from Apache (A) 3) A sends HTTP redirect to RP 4) RP sends HTTP redirect to C 5) C requests HTTP to RP 6) RP sends HTTPS redirect to C Now you've just redirected twice bouncing from HTTPS to HTTP to HTTPS for just 1 search. -- You are receiving this mail because: You are the assignee for the bug. You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
