wolf4earth

wolf4earth

How we split Plug.SSL to control SSL redirection

Most Liked

AstonJ

AstonJ

Great post Sascha, I am sure it will help a lot of people!

I don’t have a Phoenix app in production yet but for anyone using HAProxy, these lines on the frontend may also be of help:

reqadd X-Forwarded-Proto:\ https if { ssl_fc }
redirect scheme https if ssl_redirect_hosts !{ ssl_fc }
redirect scheme https code 301 if !{ ssl_fc }

In conjunction with configuring plug to handle X-Forwarded-* headers as per Sascha’s post.

Exadra37

Exadra37

exclude some requests from the redirect (and as such the HSTS header)

From the moment you set the HSTS header the browser will honor it for any endpoint not just for the one from where you sent it in a response.

The HTTP Strict Transport Security header informs the browser that it should never load a site using HTTP and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.

Or am I misunderstanding your proposal?

Where Next?

Popular Backend topics Top

tomekzawada
Greetings from Membrane Framework team! Check out our case study based on our latest projects at Software Mansion. https://blog.swmansi...
New
New
New
First poster: bot
Julia is a scientific programming language that is free and open source.1 It is a relatively new language that borrows inspiration from l...
New
CommunityNews
Idioms for the D Programming Language This thread was posted by one of our members via one of our news source trackers.
New
First poster: bot
It’s easy to view yourself as “not a real programmer.” There are programs out there that everyone uses, and it’s easy to put their develo...
/c
New
First poster: bot
Once a year, I look back at the recent developments in the PHP world, and also look forward to what’s to come. And just like in 2020 and ...
New
First poster: bot
Our blog has had a long standing interest in novel uses of the BEAM, or Erlang virtual machine, as shown by the many articles we have pub...
New
New
brainlid
Jason Stiebs shows a couple ways for a LiveView to make it easy for users to click and copy an important value to their clipboard. He sho...
New

Other popular topics Top

AstonJ
A thread that every forum needs! Simply post a link to a track on YouTube (or SoundCloud or Vimeo amongst others!) on a separate line an...
New
ohm
Which, if any, games do you play? On what platform? I just bought (and completed) Minecraft Dungeons for my Nintendo Switch. Other than ...
New
DevotionGeo
I know that -t flag is used along with -i flag for getting an interactive shell. But I cannot digest what the man page for docker run com...
New
AstonJ
I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me. I think the Planck and the Preonic (o...
New
DevotionGeo
The V Programming Language Simple language for building maintainable programs V is already mentioned couple of times in the forum, but I...
New
wmnnd
Here’s the story how one of the world’s first production deployments of LiveView came to be - and how trying to improve it almost caused ...
New
AstonJ
We’ve talked about his book briefly here but it is quickly becoming obsolete - so he’s decided to create a series of 7 podcasts, the firs...
New
First poster: bot
The overengineered Solution to my Pigeon Problem. TL;DR: I built a wifi-equipped water gun to shoot the pigeons on my balcony, controlle...
New
PragmaticBookshelf
Develop, deploy, and debug BEAM applications using BEAMOps: a new paradigm that focuses on scalability, fault tolerance, and owning each ...
New
AstonJ
This is cool! DEEPSEEK-V3 ON M4 MAC: BLAZING FAST INFERENCE ON APPLE SILICON We just witnessed something incredible: the largest open-s...
New