Symfony 2 Post/Redirect/Get pattern redirect to HTTPS issue
Question
I'm using the PRG pattern in Symfony 2 to avoid showing 'Confirm Form Resubmission" page after clicking back button. Everything works fine when the site is on http:// but when the site (production) is on https:// this pattern is not working and the 'Confirm Form Resubmission' appears again :(
Basically I have pages A,B,C.
A: Form
B: Process the form and redirect 303 to C
C: Display some page
I'm making redirection in Symfony like this:
return $this->redirect('confirmation', 303);
and in the routes for all actions I'm including:
schemes="https", host="%secured_host_name%"
How can I redirect to make it work on HTTPS:// too ?
1 answers
solution1
0 2016-03-03 18:16:44
Since redirects are using absolute URIs, one has to take care about proxy servers (HTTP->HTTPS) and reverse proxy servers. If your application is such that a user uses an SSL tunnel to reach your site, this can cause problems also. (You may be able to use the Referer header to discover the domain and port the user is actually entering.)
Solution: Add your proxy to trusted_proxies in framework config:
# app/config/config.yml
# ...
framework:
trusted_proxies: [192.0.0.1, 10.0.0.0/8]
or if you don't know your proxy ip:
// web/app.php
// ...
Request::setTrustedProxies(array('127.0.0.1', $request->server->get('REMOTE_ADDR')));
$response = $kernel->handle($request);
// ...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.