You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by "Richard Frovarp (JIRA)" <ji...@apache.org> on 2014/08/28 00:54:58 UTC
[jira] [Commented] (TAP5-1902) Production Mode and AJP together
changes URL behavior
[ https://issues.apache.org/jira/browse/TAP5-1902?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14113015#comment-14113015 ]
Richard Frovarp commented on TAP5-1902:
---------------------------------------
This is still very much an issue. AJP is a binary proxy protocol that is frequently used to proxy from HTTPD to a servlet engine, such as Tomcat.
http://tomcat.apache.org/connectors-doc/ajp/ajpv13a.html
I think I at least found part of the problem. Whether it is considered a bug or not, I'm not entirely sure.
Request.isSecure() works properly. After configuring the connector, that is returning true. BaseURLSource.getBaseURL(true) returns back the correct value that one would expect (https://myhost.ndsu.nodak.edu).
I think it has to do with LinkSecurity. There is no way to request an insecure page securely. It will always demote the page back down to insecure. However, in the process it honors the port, which is why you end up with links like: http://myhost.ndsu.nodak.edu:443/test/index.incrementajax, which of course doesn't work as the port doesn't match the scheme.
My method for fixing this issue (without exactly knowing why it worked) was to set MetaDataConstants.SECURE_PAGE to true. That keeps it from demoting pages to insecure. Also for some reason it doesn't seem to impact it if it isn't in production.
My guess is that you would see the same issues if you terminated SSL at Tomcat or Jetty.
> Production Mode and AJP together changes URL behavior
> -----------------------------------------------------
>
> Key: TAP5-1902
> URL: https://issues.apache.org/jira/browse/TAP5-1902
> Project: Tapestry 5
> Issue Type: Bug
> Components: tapestry-core
> Affects Versions: 5.3.2
> Reporter: Richard Frovarp
>
> With the production mode set to true, and the application being proxied to via AJP, URLs become fully qualified. When production mode is turned off, but still proxied via AJP, the URLs aren't qualified. With production mode on or off, HTTP proxies or direct calls to Jetty / Tomcat result in URLs that aren't qualified. These URLs are generated by Tapestry and extend to form POST URLs.
> Examples:
> Production mode on, proxy to Tomcat via AJP for the project generated by the quickstart archetype:
> <div class="menu">
> <ul>
> <li class="current_page_item">
> <a href="http://myhost/url-test/">Index</a>
> </li>
> <li>
> <a href="http://myhost/url-test/about">About</a>
> </li>
> <li>
> <a href="http://myhost/url-test/contact">Contact</a>
> </li>
> </ul>
> </div>
> Turn production mode off in Tomcat or use mvn jetty:run the same code generates this HTML:
> <div class="menu">
> <ul>
> <li class="current_page_item">
> <a href="/url-test/">Index</a>
> </li>
> <li>
> <a href="/url-test/about">About</a>
> </li>
> <li>
> <a href="/url-test/contact">Contact</a>
> </li>
> </ul>
> </div>
--
This message was sent by Atlassian JIRA
(v6.2#6252)