Hi there, my ages-old code to support SSL
- gets the request - checks its server_port and x-webobjects-server-port headers - if at least one of them is 443, we were accessed under SSL and all is well and swell. Otherwise, it generates 302 and HTTPS URL to re-direct to the same page under SSL. So far it worked like a charm for long long years. Now I am told that on a new installation on a new product server (I believe it is a Mac OS X 10.11) the redirections keep coming. Having added extra logs, I have found that (a) the server_port is always 80, even when the application is accessed through HTTPS (b) nevertheless, the request contains a header x-forwarded-port with the proper value of 443 Does someone here understand this stuff? Should I check the x-forwarded-port header first, and if it is 443, can I safely ignore server_port and assume the access to application was SSL-protected? Or should I tell them they need to fix their Apache settings, or whatever? Thanks a lot, OC _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list (Webobjects-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
