wolf4earth

wolf4earth

How we split Plug.SSL to control SSL redirection

Most Liked

AstonJ

AstonJ

Great post Sascha, I am sure it will help a lot of people!

I don’t have a Phoenix app in production yet but for anyone using HAProxy, these lines on the frontend may also be of help:

reqadd X-Forwarded-Proto:\ https if { ssl_fc }
redirect scheme https if ssl_redirect_hosts !{ ssl_fc }
redirect scheme https code 301 if !{ ssl_fc }

In conjunction with configuring plug to handle X-Forwarded-* headers as per Sascha’s post.

Exadra37

Exadra37

exclude some requests from the redirect (and as such the HSTS header)

From the moment you set the HSTS header the browser will honor it for any endpoint not just for the one from where you sent it in a response.

The HTTP Strict Transport Security header informs the browser that it should never load a site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.

Or am I misunderstanding your proposal?

Where Next?

Popular Backend topics Top

tomekzawada
Greetings from Membrane Framework team! Check out our case study based on our latest projects at Software Mansion. https://blog.swmansi...
New
New
First poster: bot
Go is not an easy programming language. It is simple in many ways: the syntax is simple, most of the semantics are simple. But a language...
/go
New
First poster: bot
Django 3.2 is just around the corner and it’s packed with new features. Django versions are usually not that exciting (it’s a good thing!...
New
First poster: Exadra37
Summary: I describe a simple interview problem (counting frequencies of unique words), solve it in various languages, and compare perform...
New
CommunityNews
I don’t like reading thick O’Reilly books when I start learning new programming languages. Rather, I like starting by writing small and d...
New
First poster: bot
I wrote Python for the last 10 years, and I always tend to write code in a “functional” way - map, filter, lambda and so on, it makes me ...
New
First poster: bot
Our blog has had a long standing interest in novel uses of the BEAM, or Erlang virtual machine, as shown by the many articles we have pub...
New
RudManusachi
Hi there! Recently I was playing around with extracting and updating data in the DB and for fun challenged myself to try to implement a ...
New
vkatsuba
Hi folks! Ukrainian Erlanger is here :sign_of_the_horns:! I’d like to share my recent talk at the TADSummit Online Conference, where I ...
New

Other popular topics Top

AstonJ
Curious to know which languages and frameworks you’re all thinking about learning next :upside_down_face: Perhaps if there’s enough peop...
New
Rainer
My first contact with Erlang was about 2 years ago when I used RabbitMQ, which is written in Erlang, for my job. This made me curious and...
New
PragmaticBookshelf
Tailwind CSS is an exciting new CSS framework that allows you to design your site by composing simple utility classes to create complex e...
New
PragmaticBookshelf
Learn different ways of writing concurrent code in Elixir and increase your application's performance, without sacrificing scalability or...
New
AstonJ
Continuing the discussion from Thinking about learning Crystal, let’s discuss - I was wondering which languages don’t GC - maybe we can c...
New
Margaret
Hello everyone! This thread is to tell you about what authors from The Pragmatic Bookshelf are writing on Medium.
1147 28379 760
New
rustkas
Intensively researching Erlang books and additional resources on it, I have found that the topic of using Regular Expressions is either c...
New
AstonJ
Biggest jackpot ever apparently! :upside_down_face: I don’t (usually) gamble/play the lottery, but working on a program to predict the...
New
First poster: joeb
The File System Access API with Origin Private File System. WebKit supports new API that makes it possible for web apps to create, open,...
New
AstonJ
Was just curious to see if any were around, found this one: I got 51/100: Not sure if it was meant to buy I am sure at times the b...
New