Rails Devise Omniauth callback returns domain.com:443 instead of https://domain.com

I am using AWS to deploy my Rails application. The request flow looks like this:

request -> AWS ELB (80, 443 SSL) -> EC2 (80) force to use https -> Unicorn

I just followed the Devise documentation and used the callback link /users/auth/facebook

It works fine when running over http, but when I force https on EC2, the callback returns

http://domain.com:443/users/auth/facebook

instead of

https://domain.com/users/auth/facebook

and then it gets stuck there.

What should I check? I have already rechecked the Nginx configuration and the settings on the Facebook app... Thanks!

Update

I tried this setup

80 ELB -> 80 EC2
443 ELB -> 443 EC2

and redirected http requests to https on EC2, but the same problem occurred.

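I have two AWS OpsWorks instances behind an Elastic Load Balancer.

The OpsWorks instance stack is Ruby on Rails + Nginx + Unicorn.

I want my site to be available over both http and https, so I configured the nginx server accordingly and left this line commented out in my Rails app

config/environments/production.rb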

# config.force_ssl = true

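But I ran into the same problem as you!

Problem:

When a user logs in from http everything is fine, but users logging in from HTTPS through facebook/twitter/instagram with devise omniauth are redirected to a wrong url, like: http://www.examplesite.com:443

I configured the ELB listeners (inside the AWS console) as below, providing my certificate for the https part:

Note HTTPS ==> HTTP

**The problem was in my nginx configuration**; I fixed it by removing this line from the 80 server sections: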

proxy_set_header X-Forwarded-Proto http;

So in the end this is my nginx file (look at the unicorn location in server 80):

upstream unicorn_examplesite.com {
  server unix:/srv/www/examplesite_pics/shared/sockets/unicorn.sock fail_timeout=0;
}

server {
  listen 443 default deferred;
  server_name www.examplesite.com;
  access_log /var/log/nginx/examplesite.com.access.log;
  root /srv/www/examplesite_pics/current/public;

  location ~ ^/(system|assets|img|fonts|css|doc)/ {
    add_header "Access-Control-Allow-Origin" "*";
    expires max;
    access_log off;
    allow all;
    add_header Cache-Control public;
    break;
  }

  try_files $uri/index.html $uri @unicorn;

  ssl on;
  ssl_certificate     /etc/nginx/ssl/examplesite.com.crt;
  ssl_certificate_key /etc/nginx/ssl/examplesite.com.key;
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers         ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
  ssl_session_cache   shared:SSL:10m;
  ssl_session_timeout 10m;

  location @unicorn {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_pass http://unicorn_examplesite.com;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 70;
}

server {
  listen 80 default deferred;
  server_name www.examplesite.com;
  access_log /var/log/nginx/examplesite.com.access.log;
  root /srv/www/examplesite_pics/current/public;

  location ~ ^/(system|assets|img|fonts|css|doc)/ {
    add_header "Access-Control-Allow-Origin" "*";
    expires max;
    access_log off;
    allow all;
    add_header Cache-Control public;
    break;
  }

  try_files $uri/index.html $uri @unicorn;

  location @unicorn {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_pass http://unicorn_examplesite.com;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 70;
}

server {
  listen 80;
  server_name *.examplesite.com;
  access_log /var/log/nginx/examplesite.com.access.log;
  root /srv/www/examplesite_pics/current/public;

  location ~ ^/(system|assets|img|fonts|css|doc)/ {
    add_header "Access-Control-Allow-Origin" "*";
    expires max;
    access_log off;
    allow all;
    add_header Cache-Control public;
    break;
  }

  try_files $uri/index.html $uri @unicorn;

  location @unicorn {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_pass http://unicorn_examplesite.com;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 70;
}

server {
  listen 443;
  server_name *.examplesite.com;
  access_log /var/log/nginx/examplesite.com.access.log;
  root /srv/www/examplesite_pics/current/public;

  location ~ ^/(system|assets|img|fonts|css|doc)/ {
    add_header "Access-Control-Allow-Origin" "*";
    expires max;
    access_log off;
    allow all;
    add_header Cache-Control public;
    break;
  }

  try_files $uri/index.html $uri @unicorn;

  ssl on;
  ssl_certificate     /etc/nginx/ssl/examplesite.com.crt;
  ssl_certificate_key /etc/nginx/ssl/examplesite.com.key;
  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers         ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
  ssl_session_cache   shared:SSL:10m;
  ssl_session_timeout 10m;

  location @unicorn {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_read_timeout 60;
    proxy_send_timeout 60;
    proxy_pass http://unicorn_examplesite.com;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 70;
}

server {
  listen 443;
  server_name examplesite.com www.examplesite.it examplesite.it;
  access_log /var/log/nginx/examplesite.com.access.log;
  return 301 $scheme://www.examplesite.com$request_uri;
}

server {
  listen 80;
  server_name examplesite.com www.examplesite.it examplesite.it;
  access_log /var/log/nginx/examplesite.com.access.log;
  return 301 https://www.examplesite.com$request_uri;
}

Hope this helps!
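
The scheme/port mismatch described in the question and answer above, as an added Ruby example that is not part of the original posts: a simplified model (an assumption, not Rack's or Devise's actual source) of how the app rebuilds its base URL from `Host`, `X-Forwarded-Proto` and `X-Forwarded-Port`. The `base_url`, `nginx_port80` and `callback_url` helpers and the sample ELB headers are constructed for illustration.

```ruby
# Simplified model (an assumption, not Rack's actual source) of how a Rack-based
# app rebuilds its public base URL from the headers a proxy chain hands it.
DEFAULT_PORTS = { "http" => 80, "https" => 443 }.freeze

# headers: Hash of request headers as they arrive at Unicorn.
def base_url(headers)
  scheme = headers.fetch("X-Forwarded-Proto", "http").split(",").first.strip
  host, host_port = headers.fetch("Host").split(":", 2)
  port = (host_port || headers["X-Forwarded-Port"] || DEFAULT_PORTS[scheme]).to_i
  # The port is printed only when it is not the default for the scheme.
  port == DEFAULT_PORTS[scheme] ? "#{scheme}://#{host}" : "#{scheme}://#{host}:#{port}"
end

# Model of the nginx port-80 location: request headers from the ELB are passed
# upstream as-is; override_proto stands for `proxy_set_header X-Forwarded-Proto <value>`.
def nginx_port80(elb_headers, override_proto: nil)
  out = elb_headers.dup
  out["X-Forwarded-Proto"] = override_proto if override_proto
  out
end

# Constructed sample: headers an ELB HTTPS listener sends to instance port 80.
ELB_HTTPS = {
  "Host" => "www.examplesite.com",
  "X-Forwarded-Proto" => "https",
  "X-Forwarded-Port" => "443"
}.freeze

# Constructed sample: the same ELB forwarding a plain HTTP request.
ELB_HTTP = ELB_HTTPS.merge("X-Forwarded-Proto" => "http", "X-Forwarded-Port" => "80").freeze

def callback_url(headers)
  base_url(headers) + "/users/auth/facebook"
end

# nginx overwrites the scheme but the ELB's port header survives: http + 443.
BROKEN = callback_url(nginx_port80(ELB_HTTPS, override_proto: "http"))
# With the override removed, scheme and port agree and the port is omitted.
FIXED = callback_url(nginx_port80(ELB_HTTPS))

if __FILE__ == $PROGRAM_NAME
  puts "with override:    #{BROKEN}"
  puts "without override: #{FIXED}"
end
```

Passing `X-Forwarded-Proto` through unchanged is only trustworthy when the instances accept traffic solely from the load balancer (for example via the security group); a client that can reach port 80 directly can set the header itself.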
