Nginx 1.6.2 + Passenger 5.0.1 redirecting SSL to https with port 80 appended?

[stevenhaddox]

In an environment utilizing x509 certificate authentication we have all of our apps running over SSL. As a result we had a redirect rule on nginx to rewrite everything from port 80 to port 443. We host several rails apps as sub-URI applications to the main domain in this particular example (not sure if this is relevant or not, but it is part of the generated URL so I thought I'd include it).

With passenger 4.x we were able to hit a request at https://domain.com/app-uri/ and it would do several authentication redirects via omniauth before coming back to https://domain.com/app-uri/auth/provider/callback (note, this is because in the omniauth strategy we redirect to `callback_url` instead of `callback_path` as the latter strips the sub-URI from the URL on redirect).

With passenger 5.x we are able to send a request to https://domain.com/app-uri/ and it hits the same redirects, but ultimately comes back to: https://domain.com:80/app-uri/auth/provider/callback

Obviously the addition of port ":80" to the URL is causing major issues. I've tried my best to see if this is something I can fix in the nginx rewrite / redirect rules and even manually adding port 443 as part of the rewrite rule for port 80 and it is still not working. The only change through all of this is upgrading from 4.0.59 to 5.0.1 with Passenger. I also tried using `callback_path` instead of `callback_url` in the omniauth strategy and that still strips the sub-URI from the URL and therefore is a no-go as well.

Did passenger break redirects in some form possibly, or perhaps I'm missing an option to tell passenger which port to request with a sub-uri app?  The redirect rule is still working properly when hit over http, so I don't even think that the nginx rewrite should be relevant since this is from an application that's being hit directly from https in the URL to begin with and then passenger is sending to https + port 80...

If it's of any use, the rewrite rule for nginx originally looked like this:

server {
    listen       80;
    server_name  domain.com;
    rewrite      ^ https://$server_name$request_uri?;
}

[Hongli Lai]

I think this is related to https://github.com/phusion/passenger/issues/1421. It should be fixed in 5.0.4 and later.

--
You received this message because you are subscribed to the Google Groups "Phusion Passenger Discussions" group.
To unsubscribe from this group and stop receiving emails from it, send an email to phusion-passen...@googlegroups.com.
To post to this group, send email to phusion-...@googlegroups.com.
Visit this group at http://groups.google.com/group/phusion-passenger.
To view this discussion on the web visit https://groups.google.com/d/msgid/phusion-passenger/8db7002f-f414-4040-a090-571a02ab128d%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

--

Phusion | Web Application deployment, scaling, and monitoring solutions

Web: http://www.phusion.nl/
E-mail: in...@phusion.nl
Chamber of commerce no: 08173483 (The Netherlands)