0

Hi I have nginx setup to redirect all port 80 requests to use https instead:

server {
    listen 80;
    ...
    return 301 https://$host$request_uri;
}

Then I have all https requests route to my application server

server {
    listen 443 ssl;
    ...
    location / {
        proxy_pass http://localhost:8080;
        proxy_redirect off;
        ...
    }
}

All working as expected except those 302 responses with a Location header (e.g. Location: http://localhost/somepage), I would expect them to be redirected to use https (as they are accessing pages via port 80), however, I got an error (net::ERR_FAILED) instead. Strangely, directly typing those URLs in browser (e.g. http://localhost/somepage) works as expected (i.e. redirected to use https and page returns), so only the Location URLs are not being redirected by nginx, please help.

user1589188
  • 103
  • 1
  • 4
  • @RichardSmith I believe it is the application prepending it (i.e. not fixed to be localhost) to the redirect url – user1589188 Jun 01 '20 at 09:00
  • for example, I can visit `http://my-nginx-host/...` and nginx redirects me to `https://my-nginx-host/...` for most of my pages. There are some pages like `http://my-nginx-host/pageMoved`, my application would response with 302 to redirect to some other page e.g. `http://my-nginx-host/newPage` in the `Location` header. This caused an error. But directly typing `http://my-nginx-host/newPage` in browser works as nginx redirects it to `https://my-nginx-host/newPage` – user1589188 Jun 01 '20 at 09:17
  • I'm guessing now, but maybe the browser does not like redirecting from http -> https -> http -> https for security reasons. You should probably fix your application to use the correct scheme or fix it in Nginx by using `proxy_redirect http:// https://;` – Richard Smith Jun 01 '20 at 09:24
  • I believe you should not use `proxy_redirect off;` – Alexey Ten Jun 01 '20 at 14:26

1 Answers1

1

try adding a trailing slash to the end of the proxy ie proxy_pass http://localhost:8080/; I've had issues in the past where the location is being appended directly to the URL, eg https://localhostSomepage instead of https://localhost/Somepage. Hope this helps.

Paul Denmead
  • 11
  • 1