ChiliProject is not maintained anymore. Please be advised that there will be no more updates.

We do not recommend that you setup new ChiliProject instances and we urge all existing users to migrate their data to a maintained system, e.g. Redmine. We will provide a migration script later. In the meantime, you can use the instructions by Christian Daehn.

HTTPS redirect problems with very simple setup

Added by Manuel Pais at 2011-09-16 05:38 pm

Hi.

We just started using ChiliProject and it looks great, thanks!

We have a very simple setup using Thin and PostgreSQL:

ChiliProject 2.2.0
Thin 1.2.11
PostgreSQL 8.4

We use Thin SSL options for https connections. We don't use any other http server like Nginx or Apache.

The tool generally keeps the https urls except on some specific cases such as new issue creation/update or changing project from the top right drop down.

I've seen similar error reports for Redmine which recommended setting a forward option in Nginx or Apache configuration.

But in our case I'm lost as how to fix this issue, can you help?

Thanks!


Replies (15)

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-09-17 12:54 pm

Can you point me to the https docs for thin? Normally links are generated with the protocol and host of the current request, if some links are http, it probably means that ChiliProject doesn't know the current request is over ssl.

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-09-19 01:06 pm

I'm not sure what you mean. We didn't have to setup anything for Thin, simply included the gem in ChiliProject bundle and run it:

bundle exec thin start --ssl --ssl-key-file certificate.key --ssl-cert-file certificate.crt --ssl-verify -e production

Thin SSL support started with release 1.2.8:

http://groups.google.com/group/thin-ruby/browse_thread/thread/ebb73ddd0fb35ad9#

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-09-19 01:52 pm

How savvy are you with html and rails? Could you check the generated page contains https only links in the places you've mentioned, for example in the project list? Next step would probably be to check if thin correctly sets the ENV['HTTPS'] correctly on requests.

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-09-19 02:08 pm

Newbie.

HTML has relative paths and browser shows https URL with mouse over link, for e.g.

<select onchange="if (this.value != '') { window.location = this.value; }"><option value=''>Jump to a project...</option><option value="" disabled="disabled">---</option><option value="/projects/test-project?jump=overview">Test Project</option></select>

Regarding the ENV['HTTPS'] setting I don't know how to check it but if it wasn't set wouldn't all links refer to http instead of most refering to https and some redirecting to http?

RE: HTTPS redirect problems with very simple setup - Added by Holger Just at 2011-09-19 02:12 pm

Have you made sure to select HTTPS in Administration -> Settings -> General -> Protocol?

ChiliProject typically generates links without an explicit host and protocol. Sometimes, it requires to use the complete host and protocol. It then uses the information specified there.

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-09-19 02:14 pm

Yes, Protocol is set to HTTPS.

But as far as I've read on Redmine/ChiliProject forums this setting is only used for links in the email notifications, not for the app links.

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-09-27 06:53 am

Manuel Pais wrote:

Yes, Protocol is set to HTTPS.

But as far as I've read on Redmine/ChiliProject forums this setting is only used for links in the email notifications, not for the app links.

It is only used for the mails, yes.

I'm still not sure this isn't some bizarre problem with thin, would you be open to logging the request object ChiliProject sees and decides wether to present http or https links on?

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-09-27 09:32 am

Sure, just let me know what I have to do.

thanks

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-10-02 06:09 pm

Sorry it took me a few days to get back to you, my HDD died beginning of the week and I had to make up the lost time.

Try the following diff:

 1diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
 2index 57d77f5..2e1cb36 100644
 3--- a/app/controllers/application_controller.rb
 4+++ b/app/controllers/application_controller.rb
 5@@ -56,6 +56,7 @@ class ApplicationController < ActionController::Base
 6   end
 7
 8   def user_setup
 9+    logger.info "Request: https: #{request.env['https'].inspect} ; x_forwarded_proto: #{request.env['HTTP_X_FORWARDED_PROTO'].inspect}" if logger
10     # Check the settings cache for each request
11     Setting.check_cache
12     # Find the current user

This should show a line like Request: https: nil ; x_forwarded_proto: nil for each request in your ChiliProject logs, if it says anything else than on for the first or https for the second paramater, then the request won't be recognized as an ssl one. If that doesn't show discrepancies, we'll have to inspect the other parts of the request…

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-10-07 01:27 pm

No worries Felix, hope you could recover all your data!

This brings us to another problem I just found out: the logs stopped working since a couple of weeks ago.

The only reason I can think of is that before the logs stopped working I installed the Redcase plugin (from Redmine) which didn't function properly and then I removed it and restarted ChiliProject.

Any ideas? It's hard to debug without logs :)

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-10-07 04:10 pm

Manuel Pais wrote:

The only reason I can think of is that before the logs stopped working I installed the Redcase plugin (from Redmine) which didn't function properly and then I removed it and restarted ChiliProject.

Wrong permissions? Can't tell really, never heard of something like that unless the disk was full.

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-10-10 11:05 am

OK, I found out the (no) log issue happens when running thin as a task in Windows.

Anyway I can now log the Request info and it always shows like this:

Request: https: nil ; x_forwarded_proto: nil

Regardless if it's an https request or an http request.

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-10-10 11:34 am

Manuel Pais wrote:

OK, I found out the (no) log issue happens when running thin as a task in Windows.

Anyway I can now log the Request info and it always shows like this:

Request: https: nil ; x_forwarded_proto: nil

Regardless if it's an https request or an http request.

I'd say something on the way to your ChiliProject instance gobbles up the information whether it's https or not. I've never used thin though, so I can't tell you where the problem is, but maybe you have to tell it to pass the X_FORWARDED_PROTO header through or something.

RE: HTTPS redirect problems with very simple setup - Added by Manuel Pais at 2011-10-10 11:45 am

thin is very simple, it has no configuration files or anything so I don't know how to change the header.

the ChiliProject installation instructions refer to using thin as webserver so I thought you'd be able to help me with this problem.

but i guess you've never tried it with SSL?

RE: HTTPS redirect problems with very simple setup - Added by Felix Schäfer at 2011-10-10 12:09 pm

I've personally never used thin at all :-)

It seems thin doesn't set the env stuff rails expects to detect if it's ssl. You could try logging the whole request ("Request: #{request.inspect}") and see if you find any mention of ssl, but that could get a lot quickly.

(1-15/15)