You are here: Foswiki>Tasks Web>Item1872 (01 Aug 2009, OliverKrueger)Edit Attach

Item1872: Support for https URL rewriting based on port numbers

Priority: Enhancement
Current State: No Action Required
Released In:
Target Release: n/a
Applies To: Engine
Reported By: MarcSCHAEFER
Waiting For: Main.MarcSCHAEFER, Main.OliverKrueger
Last Change By: OliverKrueger
Assume you have a reverse proxy which supports HTTP or HTTPS. You want that guest access to the wiki goes through HTTP (or possibly HTTPS), and that authenticated access goes through HTTPS and stays there. However, your wiki is not on a SSL-enabled machine (the SSL engine is the reverse proxy). You use a combination of ports to detect whether the request was SSL or not (e.g. port 80: http, port 81: the initial request before the proxy was SSL). You also want Foswiki to detect the used port (81) and prefix https:// to all URLs. Else some auth cookie could travel uncrypted.

This adds a new configuration entry, MapPortsToProtocols, which can be defined as follows:

$Foswiki::cfg{MapPortsToProtocols} = { '81' => 'https' };<

 diff -uP /var/lib/foswiki/lib/ /var/lib/foswiki/lib/  
--- /var/lib/foswiki/lib/     2009-06-21 21:22:25.000000000 +0000
+++ /var/lib/foswiki/lib/     2009-08-01 10:02:16.000000000 +0000
@@ -1442,6 +1442,16 @@
         elsif ( $Foswiki::cfg{RemovePortNumber} ) {
             $this->{urlHost} =~ s/\:[0-9]+$//;
+        #
+        elsif (defined($Foswiki::cfg{MapPortsToProtocols})
+               && ($ENV{HTTP_HOST} =~ /:([0-9]+)$/)) {
+           if (exists($Foswiki::cfg{MapPortsToProtocols}->{$1})) {
+              my $proto = $Foswiki::cfg{MapPortsToProtocols}->{$1};
+              $this->{urlHost} =~ s/^https*/$proto/;
+           }
+        }
     else {
         $this->{urlHost} = $Foswiki::cfg{DefaultUrlHost};

The feature request IntroduceForceDefaultUrlHostToggle is related. Maybe we can combine these two things. Please add a comment to that feature request or open a new FR in the Development web.

Setting this to No Action. Can be re-opened, if the FR is accepted.

-- OliverKrueger - 01 Aug 2009

ItemTemplate edit

Summary Support for https URL rewriting based on port numbers
ReportedBy MarcSCHAEFER
Codebase 1.0.6, 1.0.5
SVN Range Foswiki-1.0.0, Thu, 08 Jan 2009, build 1878
AppliesTo Engine
Priority Enhancement
CurrentState No Action Required
WaitingFor MarcSCHAEFER, OliverKrueger
TargetRelease n/a
Topic revision: r2 - 01 Aug 2009, OliverKrueger
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy