java – PlayFramework在http而不是httpS中返回绝对URL?
我在仅使用https的NGinx的Play!Framework中实现了一个项目.
一切正常,SSL是公认的,我可以在任何地方使用我的应用程序,但播放时!返回绝对URL,它是http,而不是https. 这是有问题的,我不知道问题出在哪里. 我怀疑Nginx配置错误(我忘记了一个参数?). proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Scheme "https"; # I also tried $scheme without any luck proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_http_version 1.1; server { listen 80; server_name my.website.com; return 301 https://my.website.com; } upstream my-backend { server 127.0.0.1:9100; } server { listen 443; ssl on; root /var/www/website/errors/; # http://www.selfsignedcertificate.com/ is useful for development testing ssl_certificate /etc/nginx/ssl/my.website.com.crt; ssl_certificate_key /etc/nginx/ssl/my.website.com.key; # From https://bettercrypto.org/static/applied-crypto-hardening.pdf ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'; add_header Strict-Transport-Security max-age=15768000; # six months # use this only if all subdomains support HTTPS! # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" keepalive_timeout 70; server_name my.website.com; location / { #proxy_pass http://my-backend; proxy_pass http://127.0.0.1:9100; } location ~ /.git { deny all; } error_page 502 @maintenance; location @maintenance { rewrite ^(.*)$/error502.html break; } } 我错过了什么? 更新:这是生成绝对URL的代码: controllers.routes.Pages.loginToken(getToken()).absoluteURL(play.mvc.Http.Context.current().request()); 解决方法
absoluteURL有几个重载.你正在使用这个:
public String absoluteURL(Http.Request request) { return absoluteURL(request.secure(),request.host()); } 这个问题是,由于您通过nginx反向代理播放,Play实际上是通过HTTP接收所有请求,而不是HTTPS.这意味着request.secure()为false,而absoluteURL将返回包含http:// ….的URL. 相反,在其中一个重载中手动将secure设置为true: controllers.routes.Pages.loginToken(getToken()).absoluteURL(play.mvc.Http.Context.current().request(),true); 此外,我通常做的是安全配置变量,因此它可以在本地开发时生成非https URL. 在application.conf中: application.secure = false # for local dev 在生产中,我在启动应用程序时添加命令行选项-Dapplication.secure = true,以覆盖application.conf中的值. 然后生成URL将如下所示: controllers.routes.Pages.loginToken(getToken()).absoluteURL( play.mvc.Http.Context.current().request(),play.Play.application().configuration().getBoolean("application.secure",true) // default to true ); (编辑:李大同) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |