Http_x_forwarded_proto not used by all requests


#1

Hi All,

I have Ghost serving http requests behind Nginx serving SSL.
When i access the site using https it loads, but Chrome complains about some requests:

The page at ‘https://blog.xxxxx.com/tag/music/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://blog.xxxxx.com/assets/aftertype-supervisor.js’. This content should also be served over HTTPS.

Then it tries to load it over http and it fails (http port is not open).

Here are relevant Nginx log entry:
{ “@timestamp”: “2018-08-10T01:29:52+00:00”, “clientip”: “xx.xx.xx.x”, “forwarded_for”: “74.200.28.250, xx.xx.xx.x”, “bytes”: 1028, “duration”: 0.001, “status”: 200, “request”: “/public/ghost-sdk.min.js?v=c068d55aa1”, “urlpath”: “/public/ghost-sdk.min.js”, “urlquery”: “v=c068d55aa1”, “method”: “GET”, “upstream-status”: “200”, “http_x_forwarded_host”: “blog.xxxxx.com”, “http_x_forwarded_proto”: “https”}

So it looks like http_x_forwarded_proto is propagated, but not used by all requests. How can i fix it?


#2

It’s difficult to determine where the issue is without seeing your site, but based on what you described, the most likely causes are:

  • URL is hardcoded in theme (i.e. <script src="http://example.com/script.js"></script>)
  • Ghost URL is configured for HTTP (i.e. ghost config get url returns http://example.com)

#3

Thanks for reply!

The site is https://blog.balda.ca


#4

Your issue is bullet point #2 (Ghost URL is http) -

<link rel="canonical" href="http://blog.balda.ca/" />

Is the line in the compiled page which shows you this.

If you set up your blog using the Ghost CLI, just run ghost config set url https://blog.balda.ca && ghost restart in your installation directory, and everything will work again!


#5

Thanks again!

One complication - I used docker image to deploy it. Is there any way to deal with this?


#6

I’m not exactly sure but something along the lines of redeploy it with the updated URL env variable


#7

bitnami/ghost image has this setting documented as ‘GHOST_HOST’, but I’m using the official image and there is no documentation for this :frowning:


#8

I used the ‘url’ env variable - it seems to have an effect, but now I’m getting ERR_TOO_MANY_REDIRECTS error in Chrome.


#9

The most often cause I’ve seen for this issue is incorrect proxying - can you compare your nginx config to the CLI templates and make changes as needed?


#10

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.