<div class="gmail_quote">On Sat, Apr 25, 2009 at 6:29 AM, Bill Moseley <span dir="ltr"><<a href="mailto:moseley@hank.org">moseley@hank.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">On Fri, Apr 24, 2009 at 03:48:36PM -0700, Phil Mitchell wrote:<br>
> ><br>
> I am running mod_perl/Apache 2.0 and serving SSL on a non-standard port via<br>
> a VirtualHost. I thought my apache setup was vanilla, but perhaps not -- I<br>
> am no apache expert. It seems surprising to have to set an ENV variable in<br>
> order for $c->request->base to work correctly...<br>
<br>
</div>The SSL decryption is happening on Apache and Apache is proxying the<br>
request to Catalyst. Catalyst has no way to know that the request was<br>
originally SSL. AFAIK, there's no standard way a front end proxy<br>
can indicate the initial request was SSL to the back end that works<br>
with all proxies.</blockquote><div><br></div></div>Yes, it all makes sense ... now. Still, I think that when something as fundamental as $c->request->base is fragile, it calls for some thought. Perhaps a config variable that lets you set your SSL port? My guess is that the average cat user does not realize that req->secure and req->base may be unreliable.<br>