New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add rewrites for ssl so apache behaves properly #1124
Conversation
Adding |
Testing it with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm able to interact with sites configured to use Apache over https, this looks good to me.
7554793
to
2d2ea47
Compare
It's worth considering adding a test for this one. |
2d2ea47
to
542f872
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Re-approving after test changes. Inspecting redirect destinations seems sturdy enough for me at the moment, but we could investigate using something like headzoo/surf if that gets brought back into the deeper CMS test interaction stuff.
The Problem/Issue/Bug:
@ondrogo in Typo3 slack pointed out that with apache-fpm or apache-cgi he was unable to log into the backend. The reason ended up being that both Apache and TYPO3 were redirecting to plain https, losing the context in the process.
Apache is not very good at being on the receiving end of a reverse proxy. But there are workarounds, as in this PR. You have to convince mod_dir not to redirect to http when operating in https, and you have to make sure that the HTTPS environment variable gets propagated to php.
The base problem is described in http://httpd.apache.org/docs/2.4/mod/core.html#servername:
Unfortunately, we are supporting both http and https at the same time, so can't use the ServerName workaround.
The internet is not all that good at solving this problem for us, but these two obscure links provided hints:
How this PR Solves The Problem:
It tries to do those things.
Manual Testing Instructions:
You can either use the full ddev download from Circleci or just use
webimage: drud/ddev-webserver:20180922_apache_https
in your config.yaml.Automated Testing Overview:
We may be able to add cases for this into apache-specific tests, but I'm not sure.
Related Issue Link(s):
Release/Deployment notes: