+ikiwiki (3.20180106) UNRELEASED; urgency=medium
+
+ * core: Don't send relative redirect URLs when behind a reverse proxy
+
+ -- Simon McVittie <smcv@debian.org> Mon, 08 Jan 2018 10:51:10 +0000
+
ikiwiki (3.20180105) upstream; urgency=medium
* emailauth: Fix cookie problem when user is on https and the cgiurl
> Is the connection between nginx and lighttpd http or https?
>
> I think this is maybe a bug in `IkiWiki::redirect` when used in conjunction with
-> `reverse_proxy: 1`. I've added a failing test case marked as TODO to `t/relativity.t`,
-> although I haven't been able to fix the bug yet. The bug I found is that when marked
-> as behind a reverse proxy, `IkiWiki::redirect` sends `Location: /foo/bar/`, which
-> your backend web server might be misinterpreting. It should send
-> `Location: https://redacted/foo/bar/` instead.
+> `reverse_proxy: 1`: when marked as behind a reverse proxy,
+> `IkiWiki::redirect` sent `Location: /phd/foo/bar/`, which your backend web
+> server might be misinterpreting. ikiwiki git master now sends
+> `Location: https://redacted/phd/foo/bar/` instead: does that resolve this
+> for you?
>
> Assuming nginx has a reasonable level of configuration, you can redirect http to https
> for the entire server except `/.well-known/acme-challenge/` as a good way to bootstrap
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/$});
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
- TODO: {
- local $TODO = "https://ikiwiki.info/bugs/cgi_redirecting_to_non-https_URL/";
check_goto(qr{^https://example\.com/wiki/a/b/c/$}, HTTP_HOST => 'localhost');
- }
# previewing a page
%bits = parse_cgi_content(run_cgi(is_preview => 1, HTTP_HOST => 'localhost'));