We recently migrated to 1.6, and our hacky ProxyPass solution for
getting offsite access to our internal RB server stopped working.

(Scrubbing domain names in the following to protect the innocent, not
that it would be hard to figure out, heh.)

As a bit of background, we have a rb.example.com internal site, which
is HTTP-only; there's an external www.example.com which is HTTPS-only.

The apache config on the www.example.com server looks as follows:

  SSLProxyEngine on
  <Location /rb/>
    AuthType Basic
    AuthName "ldap"
    Require group internal external
    Allow from All
    ProxyPass http://rb.example.com/rb/
    ProxyPassReverse http://rb.example.com/rb/
    ProxyPassReverse http://www.example.com/rb/
    ProxyPassReverseCookieDomain rb.example.com www.example.com

RB's Admin -> Settings -> General -> Site Settings -> Server is set to
"https://www.example.com";, and for the heck of it I added a:

  DOMAIN_METHOD = 'https'

...to the settings_local.py (and verified that the corresponding .pyc
updated as of next reload).

Most of the site works, but not all.  Looking at firebug, when I
attempt to post a review or add a comment, I get e.g.:

  GET https://www.example.com/rb/api/review-requests/2819/?api_format=json

...with a response that includes a review_request.links full of http
URLs (instead of the desired https URLs).  "Show Details" on the
server error confirms that it was trying to use http and not https:

  Request URL: http://www.example.com/rb/api/review-requests/2819/reviews/draft/

ProxyPassReverse obviously isn't scrubbing the json responses (it's
not supposed to, based on my understanding of the mod_proxy docs, it
only hits headers).

Anything I can do to force json responses to use the https protocol in
their URLs?

Want to help the Review Board project? Donate today at 
Happy user? Let us know at http://www.reviewboard.org/users/
To unsubscribe from this group, send email to 
For more options, visit this group at 

Reply via email to