proxy problems on forms page

3 views
Skip to first unread message

Brian Jones

unread,
Sep 9, 2009, 6:05:36 PM9/9/09
to Reason Discussion
Until non reason pages on the Luther site are moved into reason,
reason pages on the reason.luther.edu server are handled by proxy
using apache config files to www.luther.edu.

When type of page = "Form" reason redirects the page to https.

For example if you go to
http://www.luther.edu/studentlife/organizations/recsports/events/?event_id=248663&date=2009-09-10
and hover over 'Sign up for this event' the url listed is
http://www.luther.edu/studentlife/organizations/recsports/intramurals/fall/6x6_soccer/.

Somewhere along the line reason is converting the request to
https://reason.luther.edu/studentlife/organizations/recsports/intramurals/fall/6x6_soccer/.
Any ideas if it is possible to correct. I've poked around in classes/
url/page.php and abstract.php.

Thanks,
Brian

Nathan White

unread,
Sep 9, 2009, 6:23:42 PM9/9/09
to reason-d...@googlegroups.com
Hi Brian - 

The form module is setup to redirect to a secure page if the HTTPS_AVAILABLE constant in package_settings.php is set to true. That redirect is probably building itself using the REASON_HOST constant in reason_settings.php which I'm guessing is set to reason.luther.edu.

I'm not sure of the details of your setup or how you want it to behave, but the above is my best guess about why it is doing what it is doing on that form page.

Nate

Matt Ryan

unread,
Sep 10, 2009, 11:20:31 AM9/10/09
to reason-d...@googlegroups.com
As a general rule, Reason needs to know the domain under which it is
being served up. While theoretically, urls et al. could be all
relative (and therefore domain agnostic), Reason also does a fair
amount of http redirection, for things like redirecting to an https
version of a page, or for sending you to the next step when you fill
out a form, etc. For these things Reason needs to build a fully
qualified URL, and all it knows about is the name of the host that
Reason is being hosted on, so that is what it uses.

I don't have a lot of experience with web proxies, but I know that
there are "smarter" and "dumber" proxies -- the smarter ones actually
inspect the content and headers as it passes through them and rewrites
URLs, while the dumber ones just pass the content and headers without
any modification. I suspect that using a smarter proxy -- I think
there is an apache module that smartens up the apache proxy, and there
are other proxies that are not apache based -- would solve the
problem.

Alternatively, if Reason is or could be 100% proxied through your www
domain, you could change the HTTP_HOST constant in Reason to be www.
rather than reason., which would make Reason think that it is actually
being served under www and act accordingly. (There may be some places
in Reason code where the server variable may be referenced rather than
the setting constant, but it would not be hard to identify those
places in the code and fix that.)

Matt

Brian Jones

unread,
Sep 10, 2009, 11:54:24 AM9/10/09
to Reason Discussion
Thanks for the information.

Have made some progress setting the HTTP_HOST_NAME constant in the
package_settings.php file. If request is arriving to the reason
server via proxy from www.luther.edu then HTTP_X_FORWARD_HOST is
defined and HTTP_HOST_NAME is being set to www.luther.edu otherwise
HTTP_X_FORWARD_HOST is undefined and HTTP_HOST is used instead (which
is reason.luther.edu).

In package settings.php:
if (isset($_SERVER['HTTP_X_FORWARDED_HOST']))
{
domain_define( 'HTTP_HOST_NAME', $_SERVER
['HTTP_X_FORWARDED_HOST'] );
}
else
{
domain_define( 'HTTP_HOST_NAME', $_SERVER['HTTP_HOST']);
}

In reason_settings.php: define( 'REASON_HOST',HTTP_HOST_NAME);


It appears although I'm not sure that the form module may still be
referencing $_SERVER['HTTP_HOST'] when flipping over to https. Do you
know where in the form module this switch is occurring?

Thanks,
Brian
> On Wed, Sep 9, 2009 at 5:23 PM, Nathan White <n...@natewhite.com> wrote:
> > Hi Brian -
> > The form module is setup to redirect to a secure page if the HTTPS_AVAILABLE
> > constant in package_settings.php is set to true. That redirect is probably
> > building itself using the REASON_HOST constant in reason_settings.php which
> > I'm guessing is set to reason.luther.edu.
> > I'm not sure of the details of your setup or how you want it to behave, but
> > the above is my best guess about why it is doing what it is doing on that
> > form page.
> > Nate
> > On Wed, Sep 9, 2009 at 5:05 PM, Brian Jones <joneb...@gmail.com> wrote:
>
> >> Until non reason pages on the Luther site are moved into reason,
> >> reason pages on the reason.luther.edu server are handled by proxy
> >> using apache config files towww.luther.edu.
>
> >> When type of page = "Form" reason redirects the page to https.
>
> >> For example if you go to
>
> >>http://www.luther.edu/studentlife/organizations/recsports/events/?eve...
> >> and hover over 'Sign up for this event' the url listed is
>
> >>http://www.luther.edu/studentlife/organizations/recsports/intramurals....
>
> >> Somewhere along the line reason is converting the request to
>
> >>https://reason.luther.edu/studentlife/organizations/recsports/intramu....

Nathan White

unread,
Sep 10, 2009, 12:17:15 PM9/10/09
to reason-d...@googlegroups.com
In carl_util/basic/url_funcs.php, the function get_current_url is currently using $_SERVER['HTTP_HOST']. That function is used a lot and could be the issue. We could (and perhaps should) change that to HTTP_HOST_NAME since HTTP_HOST_NAME should be defined in package_settings.php.

Nate

Brian Jones

unread,
Sep 10, 2009, 3:42:41 PM9/10/09
to Reason Discussion
Nate,

Your suggestion does the trick. Modified get_current_url() to pick up
HTTP_HOST_NAME and the switch to HTTPS is now working via proxy.

Thanks,
Brian

code changed in /carl_util/basic/url_funcs.php around line 180:
if (defined("HTTP_HOST_NAME"))
{
$host = HTTP_HOST_NAME;
}
else
{
$host = $_SERVER['HTTP_HOST'];
}


On Sep 10, 11:17 am, Nathan White <n...@natewhite.com> wrote:
> In carl_util/basic/url_funcs.php, the function get_current_url is currently
> using $_SERVER['HTTP_HOST']. That function is used a lot and could be the
> issue. We could (and perhaps should) change that to HTTP_HOST_NAME since
> HTTP_HOST_NAME should be defined in package_settings.php.
> Nate
>
> On Thu, Sep 10, 2009 at 10:54 AM, Brian Jones <joneb...@gmail.com> wrote:
>
> > Thanks for the information.
>
> > Have made some progress setting the HTTP_HOST_NAME constant in the
> > package_settings.php file.  If request is arriving to the reason
> > server via proxy fromwww.luther.eduthen HTTP_X_FORWARD_HOST is

Matt Ryan

unread,
Sep 10, 2009, 4:16:31 PM9/10/09
to reason-d...@googlegroups.com
FYI, a quick grep through the Reason codebase yields 25 references to
$_SERVER['HTTP_HOST']. Some of these would be straightforward to
replace with HTTP_HOST_NAME, but others (around the multidomain
support) might not be as easy to puzzle out.

We'll look into updating the code to be more consistent in this
regard, though we aren't sure exactly how long that will take.

Matt

P.S. Another possible approach would be to actually redefine
$_SERVER['HTTP_HOST'] itself(!). Definitely a hack, but possibly
effective.

On Thu, Sep 10, 2009 at 2:42 PM, Brian Jones <jone...@gmail.com> wrote:
>
> Nate,
>
> Your suggestion does the trick.  Modified get_current_url() to pick up
> HTTP_HOST_NAME and the switch to HTTPS is now working via proxy.
>
> Thanks,
> Brian
>
> code changed in /carl_util/basic/url_funcs.php around line 180:
> if (defined("HTTP_HOST_NAME"))
>        {
>                $host = HTTP_HOST_NAME;
>        }
>        else
>        {
>                $host = $q;
Reply all
Reply to author
Forward
0 new messages