[Catalyst] unexpected behavior of $c->request->secure and
$c->request->base
seasprocket at gmail.com
seasprocket at gmail.com
Sat Apr 25 18:13:16 GMT 2009
On Sat, Apr 25, 2009 at 6:29 AM, Bill Moseley <moseley at hank.org> wrote:
> On Fri, Apr 24, 2009 at 03:48:36PM -0700, Phil Mitchell wrote:
> > >
> > I am running mod_perl/Apache 2.0 and serving SSL on a non-standard port
> via
> > a VirtualHost. I thought my apache setup was vanilla, but perhaps not --
> I
> > am no apache expert. It seems surprising to have to set an ENV variable
> in
> > order for $c->request->base to work correctly...
>
> The SSL decryption is happening on Apache and Apache is proxying the
> request to Catalyst. Catalyst has no way to know that the request was
> originally SSL. AFAIK, there's no standard way a front end proxy
> can indicate the initial request was SSL to the back end that works
> with all proxies.
Yes, it all makes sense ... now. Still, I think that when something as
fundamental as $c->request->base is fragile, it calls for some thought.
Perhaps a config variable that lets you set your SSL port? My guess is that
the average cat user does not realize that req->secure and req->base may be
unreliable.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20090425/c62b2=
702/attachment.htm
More information about the Catalyst
mailing list