最受欢迎

导致重定向循环的Https

Https causing redirect loop?

本文关键字:Https 循环 重定向 | 更新日期: 2023-09-27

我使用的是代码点火器,我们的服务器有一些奇怪的配置。

我希望certian页面位于https之后,certian页面处于http之后,以及其他我不关心的页面。

下面是我的设置,

  • 如果我转到http://test.example.com(它调用disable_ssl()),页面加载良好
  • 如果我转到https://test.example.com/login(它调用了require_ssl()),页面加载良好
  • 如果我转到http://test.example.com/login,我会被重定向到https版本。这很好
  • 如果我转到https://test.example.com,那么我会被重定向循环击中。。。由于某种原因,即使我显式地写http,头也一直被设置为https而不是http

http请求上的$_SERVER数组看起来像

Array
(
    [REDIRECT_STATUS] => 200
    [HTTP_HOST] => test.example.com:80
    [HTTP_X_REAL_IP] => 119.224.22.142
    [HTTP_X_FORWARDED_FOR] => 119.224.22.142
    [HTTP_X_URL_SCHEME] => http
    [HTTP_CONNECTION] => close
    [HTTP_CACHE_CONTROL] => max-age=0
    [HTTP_USER_AGENT] => Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100 Safari/534.30
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9;q=0.8
    [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8,en-NZ;q=0.6
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.3
    [HTTP_COOKIE] => [...]
    [PATH] => /usr/local/bin:/usr/bin:/bin
    [SERVER_SIGNATURE] => 
Apache/2.2.14 (Ubuntu) Server at test.example.com Port 8080

    [SERVER_SOFTWARE] => Apache/2.2.14 (Ubuntu)
    [SERVER_NAME] => test.example.com
    [SERVER_ADDR] => 127.0.0.1
    [SERVER_PORT] => 8080
    [REMOTE_ADDR] => 127.0.0.1
    [DOCUMENT_ROOT] => /var/www
    [SERVER_ADMIN] => webmaster@localhost
    [SCRIPT_FILENAME] => /var/www/index.php
    [REMOTE_PORT] => 54833
    [REDIRECT_URL] => /
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.0
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => 
    [REQUEST_URI] => /
    [SCRIPT_NAME] => /index.php
    [PATH_INFO] => /
    [PATH_TRANSLATED] => redirect:/index.php/
    [PHP_SELF] => /index.php/
    [PHP_AUTH_USER] => ******
    [PHP_AUTH_PW] => ******
    [REQUEST_TIME] => 1308972068
)

在https请求中,它看起来像

Array
(
    [REDIRECT_STATUS] => 200
    [HTTP_HOST] => test.example.com:443
    [HTTP_X_REAL_IP] => 119.224.22.142
    [HTTP_X_FORWARDED_FOR] => 119.224.22.142
    [HTTP_X_URL_SCHEME] => https
    [HTTP_X_FORWARDED_PROTO] => https
    [HTTP_CONNECTION] => close
    [HTTP_USER_AGENT] => Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100 Safari/534.30
    [HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9;q=0.8
    [HTTP_ACCEPT_ENCODING] => gzip,deflate,sdch
    [HTTP_ACCEPT_LANGUAGE] => en-US,en;q=0.8,en-NZ;q=0.6
    [HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.3
    [HTTP_COOKIE] => [...]
    [PATH] => /usr/local/bin:/usr/bin:/bin
    [SERVER_SIGNATURE] => 
Apache/2.2.14 (Ubuntu) Server at test.example.com Port 8080

    [SERVER_SOFTWARE] => Apache/2.2.14 (Ubuntu)
    [SERVER_NAME] => test.example.com
    [SERVER_ADDR] => 127.0.0.1
    [SERVER_PORT] => 8080
    [REMOTE_ADDR] => 127.0.0.1
    [DOCUMENT_ROOT] => /var/www
    [SERVER_ADMIN] => webmaster@localhost
    [SCRIPT_FILENAME] => /var/www/index.php
    [REMOTE_PORT] => 54841
    [REDIRECT_URL] => /
    [GATEWAY_INTERFACE] => CGI/1.1
    [SERVER_PROTOCOL] => HTTP/1.0
    [REQUEST_METHOD] => GET
    [QUERY_STRING] => 
    [REQUEST_URI] => /
    [SCRIPT_NAME] => /index.php
    [PATH_INFO] => /
    [PATH_TRANSLATED] => redirect:/index.php/
    [PHP_SELF] => /index.php/
    [PHP_AUTH_USER] => ********
    [PHP_AUTH_PW] => ********
    [REQUEST_TIME] => 1308972250
)

我的.htaccess看起来像

Options +FollowSymlinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^www'.(.*)$ [NC]
RewriteRule ^(.*)$ %1/$1 [R=301,L]

RewriteCond $1 !^(index'.php|robots'.txt|favicon'.ico|css|images|js)
RewriteRule ^(.*)$ index.php/$1 [L]

因此,在我的index.php顶部,我有

$_SERVER['SERVER_PORT'] = explode(':', $_SERVER['HTTP_HOST']);
$_SERVER['HTTP_HOST'] = $_SERVER['SERVER_PORT'][0];
$_SERVER['SERVER_PORT'] = $_SERVER['SERVER_PORT'][1];
if($_SERVER['SERVER_PORT'] == 443)
  $_SERVER['HTTPS'] = 'On';
else
  $_SERVER['HTTPS'] = 'Off';

在我想要HTTPS的页面上,我称之为

function require_ssl(){
    if($_SERVER['HTTPS'] == 'Off') {
        $host = explode(':', $_SERVER['HTTP_HOST']);
        header('location: https://' . $host[0] . $_SERVER['REQUEST_URI']);
        exit;
    }
}

在我只想要HTTP的页面上,我称之为

function disable_ssl(){
    if($_SERVER['HTTPS'] == 'On') {
        $host = explode(':', $_SERVER['HTTP_HOST']);
        header('location: http://' . $host[0] . $_SERVER['REQUEST_URI']);
        exit;
    }
}

因此,经过数小时痛苦的调试,我们终于解决了这个问题。

Nginx
是的,负载均衡器自己重定向。

nginx设置中,该行存在proxy_redirect http:// https://;

那么,发生了什么?

嗯,我的代码说"这个页面不应该是https,重定向"
然后nginx说"这个请求不是https,重定向"
然后我的代码是
吊杆重定向循环。

因此,通过将proxy_redirect http:// https://;更改为proxy_redirect Off;,我们解决了以下问题:)

您为disable_ssl()发布的函数显示:

if($_SERVER['HTTPS'] == '0n') {

0("零")是否为复制/粘贴错误?我想你的意思是:

if($_SERVER['HTTPS'] == 'On') {

如果我正确地遵循了您的逻辑,那么当您转到https://test.example.com时就会调用此函数,因此,如果存在此拼写错误,它可能没有按照您认为的方式执行。

我们已经在这里解决了Nginx(和其他反向代理)的准确修复:

http://www.sonassi.com/knowledge-base/magento-kb/magento-https-redirect-loop/

这样就避免了在index.php文件中包含该代码的必要性。你所需要做的就是把它添加到你的Nginx配置中,

fastcgi_param  HTTPS on;

您可以考虑使用.htaccess规则,比如:

RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} (optional pattern additional url matching)
RewriteRule ^(.*)$ https://test.example.com/$1 [L]

如果您想强制http,只需将80替换为443,将https替换为http。

相关文章:
最新更新
www.56WenDa.com 2012-2023 | php问答网 | php学习