lyrixx / SFLive-Paris2016-Workflow

Demo app for the new symfony/workflow component
https://s.lyrixx.info/workflow-demo
176 stars 41 forks source link

Force https in heroku app #24

Closed Pierstoval closed 5 years ago

lyrixx commented 5 years ago

Unfortunately, this does not work :(

>…m/lyrixx/SFLive-Paris2016-Workflow(master) curl  https://symfony-workflow-demo.herokuapp.com/ -I
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: nginx
Date: Sun, 07 Apr 2019 19:45:57 GMT
Content-Type: text/html
Content-Length: 178
Location: https://localhost/
Via: 1.1 vegur

>…m/lyrixx/SFLive-Paris2016-Workflow(master) curl  http://symfony-workflow-demo.herokuapp.com/ -I
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: nginx
Date: Sun, 07 Apr 2019 19:46:01 GMT
Content-Type: text/html
Content-Length: 178
Location: https://localhost/
Via: 1.1 vegur
Pierstoval commented 5 years ago

Oh yeah, it's not $server_name, it's $host, my bad, I'll fix this up 🙂 (again, hopefully 🤣 )

lyrixx commented 5 years ago

This is better:

>…m/lyrixx/SFLive-Paris2016-Workflow(master) curl https://symfony-workflow-demo.herokuapp.com -I
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: nginx
Date: Mon, 08 Apr 2019 07:55:58 GMT
Content-Type: text/html
Content-Length: 178
Location: https://symfony-workflow-demo.herokuapp.com/
Via: 1.1 vegur

curl https://symfony-workflow-demo.herokuapp.com/ -I
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: nginx
Date: Mon, 08 Apr 2019 07:58:19 GMT
Content-Type: text/html
Content-Length: 178
Location: https://symfony-workflow-demo.herokuapp.com/
Via: 1.1 vegur

>…m/lyrixx/SFLive-Paris2016-Workflow(master) curl http://symfony-workflow-demo.herokuapp.com -I
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: nginx
Date: Mon, 08 Apr 2019 07:56:07 GMT
Content-Type: text/html
Content-Length: 178
Location: https://symfony-workflow-demo.herokuapp.com/
Via: 1.1 vegur
Pierstoval commented 5 years ago

We probably should check for HTTP headers, since Heroku proxies requests to the backend with HTTP protocol.

Maybe this should be done on the app side instead 😞

Pierstoval commented 5 years ago

Trying to search for clues there: https://github.com/heroku/heroku-buildpack-php/tree/master/conf/nginx

lyrixx commented 5 years ago

Actually, using if in nginx is highly is discouraged, maybe it's that. I will look at it late. Big week in progress

Pierstoval commented 5 years ago

I just pushed this change:

-if ($scheme = http) {
+if ($http_x_forwarded_proto = http) {

Feel free to test 😄

lyrixx commented 5 years ago

Works like a charm. Thanks a lot !