Markus Schnöpf
2017-07-20 14:32:55 UTC
Dear List,
we are running several eXist-db instances (mostly version 3.2.0) behind nginx as a proxy. We are aware of the regarding chapters in Adam Retter's book and the online documentation.
One of nginx' duties is to redirect requests per http to https. As the responses of /webstart/exist.jnlp contain references to http-resources, the Java Admin Client doesn't work as any subsequent requests violate the same-origin-policy.
From the proxy's point of view a 301-response to a request of an http resource is never followed by a request via https as e.g. any browser does.
The client raises a FailedDownloadException and an IllegalURLRedirect. Changing the codebase in the returned jnlp-file to https doesn't have any effect.
Is there a way we can tell exist to use the https within the codebase?
Does it respect the X-Forwarded-Proto or Forwarded header?
Would it be possible to download or somehow else obtain the full Admin Client bytecode and invoke it locally to connect to any eXist-db instance?
we are running several eXist-db instances (mostly version 3.2.0) behind nginx as a proxy. We are aware of the regarding chapters in Adam Retter's book and the online documentation.
One of nginx' duties is to redirect requests per http to https. As the responses of /webstart/exist.jnlp contain references to http-resources, the Java Admin Client doesn't work as any subsequent requests violate the same-origin-policy.
From the proxy's point of view a 301-response to a request of an http resource is never followed by a request via https as e.g. any browser does.
The client raises a FailedDownloadException and an IllegalURLRedirect. Changing the codebase in the returned jnlp-file to https doesn't have any effect.
Is there a way we can tell exist to use the https within the codebase?
Does it respect the X-Forwarded-Proto or Forwarded header?
Would it be possible to download or somehow else obtain the full Admin Client bytecode and invoke it locally to connect to any eXist-db instance?