1

I have a Laravel app running on Fortrabbit. All it's routes are an API (except for /). The frontend talks to the backend via the API. The frontend is served via https, as are all the routes.

Everything works via https: the assets, the API calls. All except for one route that redirects it's requests to http. It's a search function so at first I thought it might be the client-side library I'm using for the search but if I copy the XHR request as CURL and fire it from my terminal, I also get the redirect:

Request:
curl 'https://theapp/?search=mak' -H 'Accept: application/json, text/plain, */*' -H 'Referer: https://theapp/' -H 'X-XSRF-TOKEN: the-token -H 'X-Requested-With: XMLHttpRequest'

Response:
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="http://theapp?search=mak">here</a>.</p>
<hr>
<address>Apache/2.4.25 (Ubuntu) Server at theapp Port 80</address>
</body></html>

I'm not a Laravel pro but I can't see or find anything that would cause that behaviour, whether in the configs or .htaccess. The APP_URL is set to the https URL as well.

Like I said there are several other GET routes in the app that do not redirect.

I contacted the Fortrabbit team but they insist they aren't redirecting anything to http. I don't see anything in the logs either, other than the request.

Does anyone have an idea what could be causing this?

Christof
  • 3,777
  • 4
  • 37
  • 49
  • 1
    One thing I notice is that the new URL in the redirect is missing the `/` after `theapp`. Perhaps this was just an error when you made it anonymous. I suggest examining logs to see where this is being generated. For `mod_rewrite` add `LogLevel rewrite:trace3` to your main config and review the error log. If it's being done by `mod_alias` then that will appear in the usual Apache access logs as a 301. –  Jun 26 '17 at 18:59
  • 1
    @SuperDuperApps - that was it! I can't believe it was that simple. Feel free to add an answer and I'll accept it. Thank you. – Christof Jun 26 '17 at 19:16
  • Great, thanks, will do. Glad it's fixed. Which bit was it? –  Jun 26 '17 at 19:17
  • The trailing slash at the end of the URL – Christof Jun 26 '17 at 19:25
  • Ah, cool. I added my comment as an answer. Thanks again. –  Jun 26 '17 at 19:26

1 Answers1

1

One thing I notice is that the new URL in the redirect is missing the / after theapp. Perhaps this was just an error when you made it anonymous.

I suggest examining logs to see where this is being generated. For mod_rewrite add LogLevel rewrite:trace3 to your main config and review the error log. If it's being done by mod_alias then that will appear in the usual Apache access logs as a 301.