HTTPS for next page

Question

HTTPS for next page

FelixRijkers opened this issue 5 years ago · comments

Hi there,

I'm connecting trough HTTPS but Akeneo always returns url's with http for example for the next page of results. Any idae how to handle this?

Best Regards

Antoine Bluchet · Answer 1 · Thu Feb 06 2020 00:00:16 GMT+0800 (China Standard Time)

To get this right you have to configure your trusted proxy (app.php or index.php) there's a comment there. Then, Request->isSecure() should return true.

Reiner Keller · Answer 2 · Fri Apr 03 2020 19:28:03 GMT+0800 (China Standard Time)

Since there was a question in Slack referencing this issue here the solution for further searcher.

If you have a proxy setup commonly they can/should set an additional request header like:
X-Forwarded-Proto: https

Which you can use for setting SSL secured mode on Apache vhost which is forwarded to PHP so it could regonize the encrypted connection scheme.

<VirtualHost *:80>
...
        SetEnvIf     X-Forwarded-Proto     https     HTTPS=on
...
</VirtualHost>

Bests

Frederik · Answer 3 · Mon Apr 06 2020 18:26:40 GMT+0800 (China Standard Time)

This is all kinda vague for me and not really straight forward to implement.

Why not have an easy setting for Akeneo to use SSL or not SSL.
Or even better when you request a page in Akeneo API you send the pagining back in the same method as the request - http or https...

Reiner Keller · Answer 4 · Mon Apr 06 2020 20:51:22 GMT+0800 (China Standard Time)

I have no clue if there is a direct configuration setting in Akeneo.
My view is as "system administrator" which have to get and stay it running.

Thats the point you should consider yourself for next round which maybe someone else then could respond to if interested:

Why not have an easy setting for Akeneo to use SSL or not SSL.

I offered this switch in Apache config by setting right variable to on (it's automatically set by mod_ssl which is in this case isn't used):
SetEnvIf X-Forwarded-Proto https HTTPS=on

If you are lazy or unwillingly to set it conditionally then change it to
SetEnv HTTPS on

Or even better when you request a page in Akeneo API you send the pagining back in the same method as the request - http or https...

HOW show Akeneo know about it e.g. if there is Apache http running behind an HAproxy offering SSL termination? => Solution: my vhost / SetEnvIf example

Frederik · Answer 5 · Fri Apr 17 2020 19:32:53 GMT+0800 (China Standard Time)

I am still confused about all this. I tried the suggestions you gave but it did not give me a sollution. And if I look at the original question I'm not alone with this problem.

If I try the same request (no http) with https://reqbin.com/ then it follows the redirect to https and returns the data.

For some reason the "GuzzleHttp\Psr7\Request" does not follow this redirect, although in there documentation it says it would. (http://docs.guzzlephp.org/en/stable/quickstart.html#redirects)

Grégoire Houssard · Answer 6 · Thu Jun 04 2020 21:13:29 GMT+0800 (China Standard Time)

Since there was a question in Slack referencing this issue here the solution for further searcher.

If you have a proxy setup commonly they can/should set an additional request header like:
X-Forwarded-Proto: https

Which you can use for setting SSL secured mode on Apache vhost which is forwarded to PHP so it could regonize the encrypted connection scheme.
<VirtualHost *:80>
...
        SetEnvIf     X-Forwarded-Proto     https     HTTPS=on
...
</VirtualHost>
Bests

Works for me. Thanks!
Running PIM CE in docker container behind a Traefik reverse proxy

meisterlampe · Answer 7 · Wed Apr 21 2021 19:32:28 GMT+0800 (China Standard Time)

Since there was a question in Slack referencing this issue here the solution for further searcher.

If you have a proxy setup commonly they can/should set an additional request header like:
X-Forwarded-Proto: https

Which you can use for setting SSL secured mode on Apache vhost which is forwarded to PHP so it could regonize the encrypted connection scheme.
<VirtualHost *:80>
...
        SetEnvIf     X-Forwarded-Proto     https     HTTPS=on
...
</VirtualHost>
Bests

Also works for me using nginx as reverse proxy. Thanks.
To my mind, this is the right way to solve this problem when working with reverse proxies.

Karim Karim · Answer 8 · Tue Jul 06 2021 05:13:16 GMT+0800 (China Standard Time)

Since there was a question in Slack referencing this issue here the solution for further searcher.
If you have a proxy setup commonly they can/should set an additional request header like:
X-Forwarded-Proto: https
Which you can use for setting SSL secured mode on Apache vhost which is forwarded to PHP so it could regonize the encrypted connection scheme.
<VirtualHost *:80>
...
        SetEnvIf     X-Forwarded-Proto     https     HTTPS=on
...
</VirtualHost>
Bests
Also works for me using nginx as reverse proxy. Thanks.
To my mind, this is the right way to solve this problem when working with reverse proxies.

Can you please put here what you've done in Nginx please !

Tschallacka · Answer 9 · Tue Jan 11 2022 21:51:09 GMT+0800 (China Standard Time)

I simply added HTTPS=On to the .env file and it works like a charm.
No need to mess with the proxy config.

jean-marie leroux · Answer 10 · Wed Jan 12 2022 16:31:56 GMT+0800 (China Standard Time)

Could we consider it as resolved and close it?

Tschallacka · Answer 11 · Wed Jan 12 2022 16:54:00 GMT+0800 (China Standard Time)

I would suggest adding the https=on in the .env to the documentation for use in proxied servers asa solution