Hi Leander,

The problem is that the internal site isn't using HTTPS. We tell Django to
build the URLs, and it checks whether HTTPS is used based on the "HTTPS"
environment variable. Maybe there's something you could do there to fake
that variable, set it to 1?

Christian


On Friday, September 16, 2011, Leander <lean...@1stplayable.com> wrote:
> We recently migrated to 1.6, and our hacky ProxyPass solution for
> getting offsite access to our internal RB server stopped working.
>
> (Scrubbing domain names in the following to protect the innocent, not
> that it would be hard to figure out, heh.)
>
> As a bit of background, we have a rb.example.com internal site, which
> is HTTP-only; there's an external www.example.com which is HTTPS-only.
>
> The apache config on the www.example.com server looks as follows:
>
>  SSLProxyEngine on
>  <Location /rb/>
>    AuthType Basic
>    AuthName "ldap"
>    Require group internal external
>    Allow from All
>    ProxyPass http://rb.example.com/rb/
>    ProxyPassReverse http://rb.example.com/rb/
>    ProxyPassReverse http://www.example.com/rb/
>    ProxyPassReverseCookieDomain rb.example.com www.example.com
>  </Location>
>
> RB's Admin -> Settings -> General -> Site Settings -> Server is set to
> "https://www.example.com";, and for the heck of it I added a:
>
>  DOMAIN_METHOD = 'https'
>
> ...to the settings_local.py (and verified that the corresponding .pyc
> updated as of next reload).
>
> Most of the site works, but not all.  Looking at firebug, when I
> attempt to post a review or add a comment, I get e.g.:
>
>  GET https://www.example.com/rb/api/review-requests/2819/?api_format=json
>
> ...with a response that includes a review_request.links full of http
> URLs (instead of the desired https URLs).  "Show Details" on the
> server error confirms that it was trying to use http and not https:
>
>  Request URL:
http://www.example.com/rb/api/review-requests/2819/reviews/draft/
>
> ProxyPassReverse obviously isn't scrubbing the json responses (it's
> not supposed to, based on my understanding of the mod_proxy docs, it
> only hits headers).
>
> Anything I can do to force json responses to use the https protocol in
> their URLs?
>
> --
> Want to help the Review Board project? Donate today at
http://www.reviewboard.org/donate/
> Happy user? Let us know at http://www.reviewboard.org/users/
> -~----------~----~----~----~------~----~------~--~---
> To unsubscribe from this group, send email to
reviewboard+unsubscr...@googlegroups.com
> For more options, visit this group at
http://groups.google.com/group/reviewboard?hl=en
>

-- 
-- 
Christian Hammond - chip...@chipx86.com
Review Board - http://www.reviewboard.org
VMware, Inc. - http://www.vmware.com

-- 
Want to help the Review Board project? Donate today at 
http://www.reviewboard.org/donate/
Happy user? Let us know at http://www.reviewboard.org/users/
-~----------~----~----~----~------~----~------~--~---
To unsubscribe from this group, send email to 
reviewboard+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/reviewboard?hl=en

Reply via email to