How to make lighttpd respect X-Forwarded-Proto when constructing redirects for directories?
- by Tim Landscheidt
We have an nginx proxy at tools.wmflabs.org that receives requests by http and https and passes them by http on to lighttpds on a grid (one lighttpd per top-level path). Requests that reach the proxy by https are received by the lighttpds like this:
HEAD /lighttpd-test/test HTTP/1.1
Connection: close
Host: tools.wmflabs.org
X-Forwarded-Proto: https
X-Original-URI: /lighttpd-test/test
User-Agent: curl/7.29.0
Accept: */*
This works great except in the case where the URL references a physical directory and misses the trailing slash ("/"), as lighttpd then generates a redirect to the http URL:
HTTP/1.1 301 Moved Permanently
Location: http://tools.wmflabs.org/lighttpd-test/test/
Connection: close
Date: Fri, 06 Jun 2014 14:50:29 GMT
Server: lighttpd/1.4.28
The relevant parts of our lighttpd configurations are:
server.modules = (
"mod_setenv",
"mod_access",
"mod_accesslog",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_rewrite",
"mod_fastcgi",
"mod_cgi",
)
server.port = $port
[...]
server.document-root = "$home/public_html"
[...]
server.follow-symlink = "enable"
[...]
server.stat-cache-engine = "fam"
ssl.engine = "disable"
alias.url = ( "/$tool" => "$home/public_html/" )
index-file.names = ( "index.php", "index.html", "index.htm" )
dir-listing.encoding = "utf-8"
server.dir-listing = "disable"
url.access-deny = ( "~", ".inc" )
[...]
How can I make lighttpd respect X-Forwarded-Proto and use it when constructing redirects for directories? I'm aware that I could try to tackle this in nginx, but I'd prefer if I can fix it in lighttpd.