[rt-users] Using https in web interface results sometimes in "Bad Request"

Benno Overeinder benno at NLnetLabs.nl
Wed Aug 26 08:14:29 EDT 2009


James,

On 8/25/09 9:47 AM, James J. Oliver wrote:
> Thanks for the investigation - that throws more light on it. We were using http internally and https externally - I think I may just patch my systems as per your test and use https 100% of the time, the server is not particularly heavily loaded so it should not be a big problem. How did you decide to proceed and have you had any more feedback on the "if" statement?

Thank you for looking into unintended https/http switch.  As we (at our
lab) travel quite frequently and hook up to different wireless networks,
we try to access our service via https/ssl/tls/...

I did not receive any more feedback on the "if" statement.  The way we
proceed is quite simple, actually.  If with an action a redirect of
http://...:443/... occurs, we just correct the url in the browser to
https://...:443/...  Everything goes fine after that, including the
confirmation that the action is processed.

For convenience, I can hard code $uri->scheme('https'), which is fine
for our workflow.

Thanks,

-- Benno

-- 
Benno J. Overeinder
NLnet Labs
http://www.nlnetlabs.nl/



More information about the rt-users mailing list