Skip to content

https for openshift #488

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 10, 2014
Merged

https for openshift #488

merged 2 commits into from
Apr 10, 2014

Conversation

omer-akhter
Copy link
Contributor

I just updated to 2.9 and found out that https no longer works.

I did some digging and made some changes.

SSilence added a commit that referenced this pull request Apr 10, 2014
@SSilence
Merge pull request #488 from omer-akhter/master
02739e0 
https for openshift
@SSilence SSilence merged commit 02739e0 into fossar:master Apr 10, 2014
@niol niol mentioned this pull request Apr 14, 2014
Closed
@niol
Copy link
Collaborator

niol commented Apr 14, 2014

Can you elaborate on what was broken on openshift because this fix breaks things for me.

@omer-akhter
Copy link
Contributor Author

On openshift, the webserver doesn't set HTTPS header so the following condition doesn't return true:
isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"]=="on"

So, even when I opened my page using https, the generated base url would be prefixed with http. This would make all js, css, etc calls http. And browser would refuse to load them as they would appear to be unsecure.

My change removes the protocol portion from base url. So, for example, if it was generating:
https://mydomain.com
It will now generate:
//mydomain.com

Modern browsers handle the url having protocol prefix by using the procol from of current page. So, if you page is opened with https, the base url will be https as well.

@SSilence
Copy link
Member

@niol which browser do you use? Could this be a problem with some or older browsers?

Be aware that you can set the base url in your config.ini. I do this with my installation because the https proxy does also set the wrong $_SERVER values.

@niol
Copy link
Collaborator

niol commented Apr 15, 2014

I use Chromium 33 or Chrome 34.

I noticed while investigating on the issue that I can set the base URL in config.ini, but I wanted to report that URL autodection had gone broken by that change (url redirection after login or logout for instance).

Anyway can somebody who has access to an openshift deployment use print_r() to see all available server vars (and PHP environment) and fix the HTTPS test on openshift rather than removing that test that is usefull for other setups?

@omer-akhter
Copy link
Contributor Author

I understand that config.ini can be used to override base url but I wanted the code to work without much config changes. The change has been working ok in my deployment.

I can use print_r() but since I don't know PHP at all, I appreciate it if you could provide me with a snippet and tell me where to put it.

@Weishaupt
Copy link
Contributor

This change breaks at least login and logout for me, as described in #513.
I'm hosting selfoss unter https://domain.tld/selfoss with this patch applied, I get redirected to https://domain.tld/selfoss//domain.tld:443/selfoss/ when logging in, which of course is wrong and gives me an 404 error.
I'm using FF28, so this is not an 'old browser' problem.

@niol
Copy link
Collaborator

niol commented Apr 22, 2014

@omer-akhter : A file with the following content would show you the vars available in PHP for selfoss to test if the request is using HTTPS.

<?php
header('Content-type: text/plain');

echo "\$_SERVER: ";
print_r($_SERVER);
echo "\n\$_ENV: ";
print_r($_ENV);

?>

If you see something we can use in the output, tell me. For instance on my setup, I have the following :

$_SERVER: Array
(
    [HTTPS] => on
    [...]
)
$_ENV: Array
(
)

@omer-akhter
Copy link
Contributor Author

Here is what I got

[DOCUMENT_ROOT] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/repo/php
[GATEWAY_INTERFACE] => CGI/1.1
[GEM_HOME] => /var/lib/openshift/[XXXXXXXXX]/.gem
[HISTFILE] => /var/lib/openshift/[XXXXXXXXX]/app-root/data/.bash_history
[HOME] => /var/lib/openshift/[XXXXXXXXX]/
[HTTPS] => 1
[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
[HTTP_ACCEPT_ENCODING] => gzip, deflate
[HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.5
[HTTP_CONNECTION] => Keep-Alive
[HTTP_COOKIE] => [XXXXXXXXX]
[HTTP_HOST] => [XXXXXXXXX]
[HTTP_USER_AGENT] => Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:29.0) Gecko/20100101 Firefox/29.0
[HTTP_X_CLIENT_IP] => [XXXXXXXXX]
[HTTP_X_FORWARDED_FOR] => [XXXXXXXXX]
[HTTP_X_FORWARDED_HOST] => [XXXXXXXXX]
[HTTP_X_FORWARDED_PORT] => 443
[HTTP_X_FORWARDED_PROTO] => https
[HTTP_X_FORWARDED_SERVER] => localhost
[HTTP_X_FORWARDED_SSL_CLIENT_CERT] => (null)
[HTTP_X_REQUEST_START] => t=1398857357977383
[LD_LIBRARY_PATH] => /opt/rh/postgresql92/root/usr/lib64
[MANPATH] => /opt/rh/postgresql92/root/usr/share/man:
[OPENSHIFT_APP_DNS] => [XXXXXXXXX]
[OPENSHIFT_APP_NAME] => [XXXXXXXXX]
[OPENSHIFT_APP_UUID] => [XXXXXXXXX]
[OPENSHIFT_BROKER_HOST] => [XXXXXXXXX]
[OPENSHIFT_BUILD_DEPENDENCIES_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/build-dependencies/
[OPENSHIFT_CARTRIDGE_SDK_BASH] => /usr/lib/openshift/cartridge_sdk/bash/sdk
[OPENSHIFT_CARTRIDGE_SDK_RUBY] => /usr/lib/openshift/cartridge_sdk/ruby/sdk.rb
[OPENSHIFT_CLOUD_DOMAIN] => rhcloud.com
[OPENSHIFT_CRON_DIR] => /var/lib/openshift/[XXXXXXXXX]/cron/
[OPENSHIFT_CRON_IDENT] => redhat:cron:1.4:0.0.13
[OPENSHIFT_DATA_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/data/
[OPENSHIFT_DEPENDENCIES_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/dependencies/
[OPENSHIFT_DEPLOYMENTS_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-deployments/
[OPENSHIFT_GEAR_DNS] => [XXXXXXXXX]
[OPENSHIFT_GEAR_MEMORY_MB] => 512
[OPENSHIFT_GEAR_NAME] => [XXXXXXXXX]
[OPENSHIFT_GEAR_UUID] => [XXXXXXXXX]
[OPENSHIFT_HOMEDIR] => /var/lib/openshift/[XXXXXXXXX]/
[OPENSHIFT_LOG_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/logs/
[OPENSHIFT_NAMESPACE] =>[XXXXXXXXX]
[OPENSHIFT_PHP_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/
[OPENSHIFT_PHP_DOCUMENT_ROOT] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/repo//php
[OPENSHIFT_PHP_IDENT] => redhat:php:5.3:0.0.15
[OPENSHIFT_PHP_IP] => [XXXXXXXXX]
[OPENSHIFT_PHP_LOG_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/logs/
[OPENSHIFT_PHP_PATH_ELEMENT] => /var/lib/openshift/[XXXXXXXXX]/php/phplib/pear/pear
[OPENSHIFT_PHP_PORT] => 8080
[OPENSHIFT_PHP_VERSION] => 5.3
[OPENSHIFT_PRIMARY_CARTRIDGE_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/
[OPENSHIFT_REPO_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/repo/
[OPENSHIFT_TMP_DIR] => /tmp/
[PATH] => /var/lib/openshift/[XXXXXXXXX]/php/phplib/pear/pear:/opt/rh/postgresql92/root/usr/bin:/bin:/usr/bin:/usr/sbin
[PHPRC] => /var/lib/openshift/[XXXXXXXXX]/php//configuration/etc/php.ini
[PHP_INI_SCAN_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/configuration/etc/php.d
[PHP_SELF] => /index.php
[PWD] => /var/lib/openshift/[XXXXXXXXX]/php
[QUERY_STRING] =>
[REDIRECT_GEM_HOME] => /var/lib/openshift/[XXXXXXXXX]/.gem
[REDIRECT_HISTFILE] => /var/lib/openshift/[XXXXXXXXX]/app-root/data/.bash_history
[REDIRECT_HOME] => /var/lib/openshift/[XXXXXXXXX]/
[REDIRECT_HTTPS] => 1
[REDIRECT_LD_LIBRARY_PATH] => /opt/rh/postgresql92/root/usr/lib64
[REDIRECT_MANPATH] => /opt/rh/postgresql92/root/usr/share/man:
[REDIRECT_OPENSHIFT_APP_UUID] => [XXXXXXXXX]
[REDIRECT_OPENSHIFT_BUILD_DEPENDENCIES_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/build-dependencies/
[REDIRECT_OPENSHIFT_CARTRIDGE_SDK_BASH] => /usr/lib/openshift/cartridge_sdk/bash/sdk
[REDIRECT_OPENSHIFT_CARTRIDGE_SDK_RUBY] => /usr/lib/openshift/cartridge_sdk/ruby/sdk.rb
[REDIRECT_OPENSHIFT_CRON_DIR] => /var/lib/openshift/[XXXXXXXXX]/cron/
[REDIRECT_OPENSHIFT_CRON_IDENT] => redhat:cron:1.4:0.0.13
[REDIRECT_OPENSHIFT_DATA_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/data/
[REDIRECT_OPENSHIFT_DEPENDENCIES_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/dependencies/
[REDIRECT_OPENSHIFT_DEPLOYMENTS_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-deployments/
[REDIRECT_OPENSHIFT_GEAR_MEMORY_MB] => 512
[REDIRECT_OPENSHIFT_GEAR_UUID] => [XXXXXXXXX]
[REDIRECT_OPENSHIFT_HOMEDIR] => /var/lib/openshift/[XXXXXXXXX]/
[REDIRECT_OPENSHIFT_LOG_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/logs/
[REDIRECT_OPENSHIFT_PHP_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/
[REDIRECT_OPENSHIFT_PHP_IDENT] => redhat:php:5.3:0.0.15
[REDIRECT_OPENSHIFT_PHP_LOG_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/logs/
[REDIRECT_OPENSHIFT_PHP_PATH_ELEMENT] => /var/lib/openshift/[XXXXXXXXX]/php/phplib/pear/pear
[REDIRECT_OPENSHIFT_PHP_PORT] => 8080
[REDIRECT_OPENSHIFT_PHP_VERSION] => 5.3
[REDIRECT_OPENSHIFT_PRIMARY_CARTRIDGE_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/
[REDIRECT_OPENSHIFT_REPO_DIR] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/repo/
[REDIRECT_OPENSHIFT_TMP_DIR] => /tmp/
[REDIRECT_OPENSHIFT_UMASK] => 077
[REDIRECT_PATH] => /var/lib/openshift/[XXXXXXXXX]/php/phplib/pear/pear:/opt/rh/postgresql92/root/usr/bin:/bin:/usr/bin:/usr/sbin
[REDIRECT_PHPRC] => /var/lib/openshift/[XXXXXXXXX]/php//configuration/etc/php.ini
[REDIRECT_PHP_INI_SCAN_DIR] => /var/lib/openshift/[XXXXXXXXX]/php/configuration/etc/php.d
[REDIRECT_PWD] => /var/lib/openshift/[XXXXXXXXX]/php
[REDIRECT_SHLVL] => 2
[REDIRECT_STATUS] => 200
[REDIRECT_TMPDIR] => /tmp/
[REDIRECT_TMP] => /tmp/
[REDIRECT_TMP_DIR] => /tmp/
[REDIRECT_URL] => /update
[REMOTE_PORT] => 19802
[REQUEST_METHOD] => GET
[REQUEST_TIME] => 1398857357
[REQUEST_URI] => /update
[SCRIPT_FILENAME] => /var/lib/openshift/[XXXXXXXXX]/app-root/runtime/repo/php/index.php
[SCRIPT_NAME] => /index.php
[SERVER_ADMIN] => [XXXXXXXXX]
[SERVER_NAME] => [XXXXXXXXX]
[SERVER_PORT] => 80
[SERVER_PROTOCOL] => HTTP/1.1
[SERVER_SIGNATURE] => <address>Apache/2.2.15 (Red Hat) Server at [XXXXXXXXX] Port 80</address>
[SERVER_SOFTWARE] => Apache/2.2.15 (Red Hat)
[SHLVL] => 2
[TMPDIR] => /tmp/
[TMP] => /tmp/
[TMP_DIR] => /tmp/
[_] => /usr/bin/nohup

@niol
Copy link
Collaborator

niol commented May 2, 2014

Then $_SERVER["HTTPS"] should be tested for 1 additionnaly to on for the test to work on openshift.

SSilence added a commit that referenced this pull request May 2, 2014
@SSilence
fix https for openshift #488 bug
a585005
@SSilence
Copy link
Member

SSilence commented May 2, 2014

Ok, I fixed this and made this part of code a bit more readable.

SSilence added a commit that referenced this pull request May 2, 2014
@SSilence
fix https for openshift #488 bug
479597b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@omer-akhter @niol @SSilence @Weishaupt