Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

HTTP+HTTPS server simultaneously #191

Open
helllamer opened this Issue · 8 comments

5 participants

@helllamer

It will be good to listen HTTP and HTTPS ports simultaneously. Current easy-to-use variant, CB + nginx as proxy, crashes on chunked encoding and other HTTP/1.1 features. This is because nginx does not support HTTP/1.1.

By now, other possible crunches are:

  • CB + apache + mod_proxy + mod_ssl - it works! But have much more complexity (compared with nginx).
  • Run two instances of CB in cluster: disadvantages are overhead of session replication, double RAM consumption and overall system design looks ugly.

Also, a patch was proposed some time ago.
Hope, this will be implemented in future.

Original message from google-groups.
Some related patches was in pull-request #44 "Multiple listeners".

@evanmiller
Owner

I'm happy to have multiple listeners. I was unhappy with the previous patch set because I thought it was too complex and not re-usable enough.

Do you need to distinguish HTTP from HTTPS traffic inside the application?

@helllamer

I think, it will be enought to:

  • In controller: somehow detect, if SSL is enabled or not. It can be used to enforce SSL or plain HTTP using absolute-URL redirects.
@evanmiller
Owner

I'm thinking something like

Req:http_or_https() -> http | https
@helllamer

Yes, this or something like this will be enough for 99% cases.

@kotedo
@evanmiller
Owner

@kotedo, good call since SPDY is around the corner.

@evanmiller
Owner

Ok, I submitted a pull request to SimpleBridge, check out

nitrogen/simple_bridge#17

@zkessin zkessin was assigned
@ilyashuma

Btw, i pushed some code to SimpleBridge for support of X-Forwarded-Proto header ( nitrogen/simple_bridge#32 ).

It can be useful when nginx is in charge of SSL, and cb is running behind.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.