玩! Heroku上的框架:validation.keep()不适用于HTTPS [英] Play! Framework on Heroku: validation.keep() isn't working over HTTPS
问题描述
我使用Heroku来部署我的Play!框架应用。我有一个使用
$ b
标准结构的表单。
}
public static void handleForm(@Required param,@Required otherParam等){
if(validation.hasErrors()){
validation.keep );
showForm();
} else {
//处理表单参数
}
}
这可以正常工作:
localhost:9000 $ c在$
localhost:9443
但是,对于Heroku通过使用基于主机名的SSL在 secure.myapp.com
上的HTTPS,验证不会显示。我认为问题在于 validation.keep()
不起作用。
如果 validation.keep()
生成一个cookie,问题与 www.myapp.com
和<$ c之间的区别有关$ c> secure.myapp.com ,那么我可能会遇到更深层的问题,因为:
application.defaultCookieDomain = .myapp.com
,根据
www。*
而不是 secure。*
,但我不确定如何检查)。
任何人有什么猜错?
目前在heroku上的ssl(x-forwarded-proto)支持上存在不兼容性,导致所有请求被视为不安全。
所以,这可能与您的浏览器发回的cookies有关?
I'm using Heroku to deploy my Play! framework app. I have a form that uses the standard structure of
public static void showForm() {
render();
}
public static void handleForm(@Required param, @Required otherParam, etc) {
if (validation.hasErrors()) {
validation.keep();
showForm();
} else {
//process form parameters
}
}
This works fine on:
- dev machine running HTTP at
localhost:9000
- heroku running HTTP at
www.myapp.com
- dev machine running HTTPS at
localhost:9443
However, for forms that do this on Heroku over HTTPS at secure.myapp.com
using hostname-based SSL, the validations don't show up. I think the problem is that validation.keep()
isn't working.
If validation.keep()
makes a cookie, and the problem has something to do with the difference between www.myapp.com
and secure.myapp.com
, then I might have a deeper problem because:
- I already have
application.defaultCookieDomain=.myapp.com
, as per this question. - I think that both the GET and the POST are happening over HTTPS, so I think they have the same domain anyway...
- The form's GET is definitely over HTTPS
- When the form's data is processed, its result is definitely shown over HTTPS
- I guess it's possible that the POST is happening over HTTP (and thus
www.*
instead ofsecure.*
, but I'm not sure how to check).
Anybody have any guesses as to what's going wrong?
There is currently an incompatibility in the ssl (x-forwarded-proto) support for play on heroku that causes all requests to be considered insecure.
So maybe this is related to the cookies your browser is sending back?
这篇关于玩! Heroku上的框架:validation.keep()不适用于HTTPS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!