Skip to content
This repository was archived by the owner on Nov 9, 2023. It is now read-only.
This repository was archived by the owner on Nov 9, 2023. It is now read-only.

Enabling force_ssl results in infinite redirect loop #26

Closed
Closed
Enabling force_ssl results in infinite redirect loop#26
Labels
🚨This issue needs some love.triagetriage meI really want to be triaged.
@bmclean

Description

@bmclean
bmclean
opened on Feb 8, 2016

Deploying a Rails app on a Managed VM with SSL enabled in the config/environments/production.rb as follows:

config.force_ssl = true

causes an infinite redirect loop. It appears that the HTTP_X_FORWARDED_PROTO HTTP header isn’t set properly.

force_ssl relies on the HTTP_X_FORWARDED_PROTO HTTP header to determine whether or not the request was an HTTPS request. If this setting isn't set to https then you end up with an infinite redirect loop as force_ssl will always think the forwarded request isn't HTTPS.

When we deploy Rails to a managed VM it appears each machine is set up with nginx in front? Is it possible for nginx to take care of the header?

Note: With force_ssl enabled I also had to disable health checks as they are sent http (not https) so Rails returned a 301 redirect. This caused the instance to be classified as unhealthy and it wouldn't receive any requests.

Metadata

Metadata

Assignees

No one assigned

    Labels

    🚨This issue needs some love.triagetriage meI really want to be triaged.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions