[rt-users] Using https in web interface results sometimes in "Bad Request"

James J. Oliver james.oliver at principleone.com
Fri Aug 28 03:05:34 EDT 2009


Thanks Benno - I'll let you know how I get on. I am a bit surprised that only one person other than you and me has noticed this issue!

-----Original Message-----
From: Benno Overeinder [mailto:benno at NLnetLabs.nl] 
Sent: 26 August 2009 20:14
To: James J. Oliver
Cc: 'Ruslan Zakirov'; 'rt-users at lists.bestpractical.com'
Subject: Re: [rt-users] Using https in web interface results sometimes in "Bad Request"

James,

On 8/25/09 9:47 AM, James J. Oliver wrote:
> Thanks for the investigation - that throws more light on it. We were using http internally and https externally - I think I may just patch my systems as per your test and use https 100% of the time, the server is not particularly heavily loaded so it should not be a big problem. How did you decide to proceed and have you had any more feedback on the "if" statement?

Thank you for looking into unintended https/http switch.  As we (at our
lab) travel quite frequently and hook up to different wireless networks,
we try to access our service via https/ssl/tls/...

I did not receive any more feedback on the "if" statement.  The way we
proceed is quite simple, actually.  If with an action a redirect of
http://...:443/... occurs, we just correct the url in the browser to
https://...:443/...  Everything goes fine after that, including the
confirmation that the action is processed.

For convenience, I can hard code $uri->scheme('https'), which is fine
for our workflow.

Thanks,

-- Benno

-- 
Benno J. Overeinder
NLnet Labs
http://www.nlnetlabs.nl/



More information about the rt-users mailing list