Hi,
If the proxy handles ssl, I assume it forwards the request to wicket
over plain http?
In that case, wicket cannot see (with default config) that the request
was in fact an ssl request.
Have a look at XForwardedRequestWrapper to make wicket aware of the ssl
termination on your proxy.
Met vriendelijke groet,
Kind regards,
Bas Gooren
Op 10-11-2012 14:42, schreef Martin Sachs:
Hi *,
i noticed some errors while using the httpsmapper with ssl-termination
on a proxy(nginx, bigip-F5).
Wicket redirects the following sequence:
http://domain.com/test
results in
https://domain.com/test
this url was also redirected with end ?0 but not https. Redirect to
http://domain.com/test?0
I debugged the HttpsMapper and found, that the method
mapHandler(IRequestHandler handler, Request request) causes this problem.
Original wicket-6.2 source
//**
* Creates a url for the handler. Modifies it with the correct
{@link Scheme} if necessary.
*
* @param handler
* @param request
* @return url
*/
final Url mapHandler(IRequestHandler handler, Request request)
{
Url url = delegate.mapHandler(handler);
Scheme desired = getDesiredSchemeFor(handler);
Scheme current = getSchemeOf(request);
if (!desired.isCompatibleWith(current))
{
// the generated url does not have the correct scheme, set
it (which in turn will cause
// the url to be rendered in its full representation)
url.setProtocol(desired.urlName());
url.setPort(desired.getPort(config));
}
return url;
}/
I changed the code to get it work:
/ final Url mapHandler(IRequestHandler handler, Request request)
{
Url url = delegate.mapHandler(handler);
Scheme desired = getDesiredSchemeFor(handler);
if (desired!= Scheme.ANY)
{
// the generated url does not have the correct scheme, set
it (which in turn will cause
// the url to be rendered in its full representation)
url.setProtocol(desired.urlName());
url.setPort(desired.getPort(config));
}
return url;
}/
I dont have a quickstart for this, 'cause you also need a proxy
configuration to get this bug.
What do you mean?
cya
Martin
