Thursday, September 1, 2022

[FIXED] How to avoid Wicket redirecting page from HTTPS to HTTP

      , ,      No comments   

Issue

I use wicket 8.10, it is installed on tomcat and proxied by nginx. SSL certificates configured in nginx config. Also Nginx forwards all HTTP requests to HTTPS.

The problem is following:

When I submit any form wicket returns response headers where the Location tag contains url with HTTP protocol.

Why it is important:

The last chrome update makes browser show alert when Location contains HTTP protocol on page opened by HTTPS. Before that, nginx quietly redirected the request, but now user see alert page from browser (similar to when certificate is invalid or absence).


Solution

The simplest solution I have found is to use the nginx directive:

proxy_redirect http://example.com https://example.com;

It changes location header from http://example.com/any/path to https://example.com/any/path



Answered By - A.Alexander
Answer Checked By - Mildred Charles (PHPFixing Admin)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...