ssl and apache as proxy

[msambg]

I configured sagenotebook server with apache as https proxy. I have this running quite a time now.

Now I realized that some requests from the notebook try to get a page with http:// . I assume, it's hardcoded somewhere.

So for a working notebook it is not sufficent to open port 443 in the firewall only. It is also necessary to open port 80 as well.

So if I watch packets, from time to time I get not only encrypted packets , but also some http requests.

It seems that they happen for example if the worksheet list of a user is called

GET /home/anyuser/

or

GET /pub/

or

GET /logout

Has anyone an idea how to solve this?

Maybe in local/lib/python2.7/site-packages/sagenb/flask_version/worksheet.py

the line

addr = 'http%s://%s/home/%s' % ('' if not g.notebook.secure else 's',

could be responsible for that.

But starting noteboook with secure=True doesn't work, and should not be used together with apache as https proxy, I think ??

If I alter the line no change in behavoiur.

Any Ideas?

Thanks

[novoselt]

That is certainly a bug in SageNB, but as a workaround I have

Header always set Strict-Transport-Security "max-age=86400"

in my Apache configuration.

[msambg]

Thank you, that seems to solve the problem. I can't see any HTTP packets any more, everything is secured with TLS now. I agree that this may be a bug. Did you experience any problems with any browsers?

[novoselt]

Not that I've heard of, Firefox, Chrome, and Safari seem to work fine.