Tomcat – How to redirect HTTP post request

apache-2.2httpdhttpd.confredirecttomcat

Hi I am currently using the below code in my apache httpd.conf file to redirect from HTTP to HTTPS

<VirtualHost 10.1.2.91:80>
Redirect 302 /GladQE/link https://glad-test.com/GladQE/link.do
Redirect 302 /GladQE/retrieve https://glad-test.com/GladQE/retrieve.do
</VirtualHost>

This redirects parameters from a get request but not from a post. From reading on here it looks like this needs to be done using mod_rewrite.

Can somebody help with the amendments I would need to make so that when the link on the left is hit using post params it redirects to the link on the right with the params intact?

Many thanks

Tom

Best Answer

Looks like Apache config? It's a good idea to specify things like that. The tags confirm it though.

That config only runs when they connect on port 443, so it can't redirect from HTTP.

You can't do a 30[12] redirect in response to a POST request and keep the arguments unless you convert the request to a GET and write the arguments into the URL. Not really recommended.

You can proxy the request, but I'm not sure that solves your problem.

If the user has already submitted data via POST over an unencrypted connection, and you care about the encryption, you're probably best to let that request break anyway, so it gets noticed and fixed. You should be fixing your form target, and also making sure that the form itself (or the page with AJAX in it or whatever) is sent to the user over HTTPS.

UPDATE

Given that shawsy has said that the problem is that The browser cannot make HTTPS connections to the server, a redirect is definitely not what's wanted. Rather you want to proxy the request:

<VirtualHost 10.1.2.91:80>
  # http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#proxypass
  ProxyPass /GladQE/link https://glad-test.com/GladQE/link.do
  ProxyPass /GladQE/retrieve https://glad-test.com/GladQE/retrieve.do
</VirtualHost>

You could alternatively do it with mod_rewrite and RewriteRule.

There are some extra issues to work out if you're changing the domain name, but I think that's not the case here.

Just as an aside, I personally don't like putting host names or IP addresses anywhere except in the server's /etc/hosts file. If you use names in the hosts file like 'web' and 'mysql', which locate services rather than machines, and you refer to those in your apache and other files, then you can move configuration between machines much more easily, knowing that you only have to go over what's in the hosts file.

Correct way in new versions of nginx

Turn out my first answer to this question was correct at certain time, but it turned into another pitfall - to stay up to date please check Taxing rewrite pitfalls

I have been corrected by many SE users, so the credit goes to them, but more importantly, here is the correct code:

server {
       listen         80;
       server_name    my.domain.com;
       return         301 https://$server_name$request_uri;
}

server {
       listen         443 ssl;
       server_name    my.domain.com;
       # add Strict-Transport-Security to prevent man in the middle attacks
       add_header Strict-Transport-Security "max-age=31536000" always; 

       [....]
}

Apache redirect based on referrer

This isn't caused by any rewrite rules on railsrumble.com. Your website is the default website for the IP address (http://74.207.240.229), both sites are served from the same IP address.

You can forward all visitors who are not using your own domain with the following rewrite rules:

RewriteEngine On
RewriteCond %{HTTP_HOST} !.*?agilegrad.com$ [NC]
ReWriteRule /(.*)$ http://www.agilegrad.com/$1 [R=301,L]

Best Answer

Related Solutions

NGINX Redirect – How to Rewrite All HTTP Requests to HTTPS While Maintaining Sub-Domain

Correct way in new versions of nginx

Apache redirect based on referrer

Related Topic