玩!Heroku上的框架:validation.keep()无法通过HTTPS工作 [英] Play! Framework on Heroku: validation.keep() isn't working over HTTPS
问题描述
我正在使用Heroku部署我的Play!框架应用.我有一个使用
I'm using Heroku to deploy my Play! framework app. I have a form that uses the standard structure of
public static void showForm() {
render();
}
public static void handleForm(@Required param, @Required otherParam, etc) {
if (validation.hasErrors()) {
validation.keep();
showForm();
} else {
//process form parameters
}
}
在以下情况下效果很好
- 在
- dev机器
- heroku在
www.myapp.com
上运行HTTP在 - dev机器
localhost:9000
上运行HTTP的 localhost:9443
上运行HTTPS的- dev machine running HTTP at
localhost:9000
- heroku running HTTP at
www.myapp.com
- dev machine running HTTPS at
localhost:9443
但是,对于使用基于主机名的SSL在 secure.myapp.com
上通过HTTPS在Heroku上执行此操作的表单,不会显示验证.我认为问题是 validation.keep()
无法正常工作.
However, for forms that do this on Heroku over HTTPS at secure.myapp.com
using hostname-based SSL, the validations don't show up. I think the problem is that validation.keep()
isn't working.
如果 validation.keep()
制作了cookie,则问题与 www.myapp.com
和 secure.myapp之间的区别有关.com
,那么我可能有一个更深层次的问题,因为:
If validation.keep()
makes a cookie, and the problem has something to do with the difference between www.myapp.com
and secure.myapp.com
, then I might have a deeper problem because:
- I already have
application.defaultCookieDomain=.myapp.com
, as per this question. - I think that both the GET and the POST are happening over HTTPS, so I think they have the same domain anyway...
- The form's GET is definitely over HTTPS
- When the form's data is processed, its result is definitely shown over HTTPS
- I guess it's possible that the POST is happening over HTTP (and thus
www.*
instead ofsecure.*
, but I'm not sure how to check).
有人对出什么问题有任何猜测吗?
Anybody have any guesses as to what's going wrong?
推荐答案
ssl(x-forwarded-proto)支持目前在heroku上的播放不兼容,导致所有请求均被视为不安全.
There is currently an incompatibility in the ssl (x-forwarded-proto) support for play on heroku that causes all requests to be considered insecure.
那么这可能与您的浏览器发送回的Cookie有关吗?
So maybe this is related to the cookies your browser is sending back?
这篇关于玩!Heroku上的框架:validation.keep()无法通过HTTPS工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!