What steps will reproduce the problem?
1. Follow the guide to configure gitblit to be access behind apache configured as a
reverse proxy in https
2. Access to a page that contains the repository url
You should see an URL with the https scheme because the external URL is https, but
instead you see an http URL
What version of the product are you using? 1.0.0
On what operating system? Debian
Reported by fabio.canepa on 2012-07-25 11:30:33
The text was updated successfully, but these errors were encountered:
Hmmm. I'm sure you are right. I assume you are using mod_rewrite, but that may only
affect links and the repository URL is not currently a link. I'm not sure if it should
be. Perhaps. In the meantime, you can set web.otherUrls with the appropriate url
but it will still display the internal link as the default.
Well what I've done is simply following the paragraph "Running Gitblit behind Apache"
under http://gitblit.com/setup.html and it does not use mod_rewrite but just mod_proxy.
I've quickly look at the source code and I see that the method com.gitblit.utils.HttpUtils.getGitblitURL()
simply does an HttpServletRequest.getScheme() but I think that this will be always
http if your apache contact gitblit in http.
Probably there should be a property web.scheme manually set to https when using this
configuraion and th getGitblitURL() should check also this property
I've implemented support for the http header fields X-Forwarded-Proto and X-Forwarded-Port
in HttpUtils.getGitblitURL(). This will be part of the next release.
If you access the Gitblit demo site via http then you will see http repository urls.
If you access via https, then you will see https repository urls. The demo sits behind
RedHat's nginx reverse proxy and it sets X-Forwarded-Proto for each request. Unfortunately
at the moment it does not set X-Forwarded-Port, so Gitblit makes a reasonable assumption
that https & 80 don't mix. I have an open request to RedHat to set that header field.
For your case I believe the syntax for Apache httpd will be:
Header set X-Forwarded-Proto https
Header set X-Forwarded-Port 443
Thanx a lot!
The syntax for apache should be:
RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Port 443
If you use "Header" insted "RequestHeader" X-Forwarded-Proto and X-Forwarded-Port are
added to the response and not to the request forwarded to the internal server