Probably you are right, the ^~ is important.<br>Thx<br> Dave<br><br><div class="gmail_quote">On Tue, Sep 25, 2012 at 5:44 PM, Paul DeBruicker [via Smalltalk] <span dir="ltr"><<a href="/user/SendEmail.jtp?type=node&node=4649097&i=0" target="_top" rel="nofollow" link="external">[hidden email]</a>></span> wrote:<br>
<blockquote style='border-left:2px solid #CCCCCC;padding:0 1em' class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
Ahh. Ok. Yeah your @mySeasideApp section looks fine.
<br><br><br>The way I wrote this part of the https server config:
<br><br></div><div class="im">location ^~ /signin {
<br> try_files $uri @mySeasideApp
<br>}
<br><br></div><div class="im">tells nginx to stop checking other rules and process that one (the ^~
<br>part stops searching on match:
<br><a href="http://wiki.nginx.org/HttpCoreModule#location" rel="nofollow" link="external" target="_blank">http://wiki.nginx.org/HttpCoreModule#location</a>). So it would depend on
<br>how you added the rewrite to your configuration for the https server.
<br>Nginx may never get to it.
<br><br><br><br><br><br><br><br>On 09/25/2012 01:07 AM, Lasmiste wrote:
</div><div><div class="im"><br>> Hi Paul,
<br>> I did a search on google and tried the first result
<br>> <a href="http://superuser.com/questions/435916/nginx-rewrite-rule-to-remove-path-node" rel="nofollow" link="external" target="_blank">http://superuser.com/questions/435916/nginx-rewrite-rule-to-remove-path-node</a><br>
> (it seemed to me trivial), well, it works on my http section in ngninx,
<br>> but it does not work in https section, that's really weird, probably
<br>> it's something I'm missing.
<br>> Cheers
<br>> Dave
<br>>
<br>>
<br></div><div class="im">> On Mon, Sep 24, 2012 at 8:11 PM, Paul DeBruicker <<a href="http://user/SendEmail.jtp?type=node&node=4648953&i=0" rel="nofollow" link="external" target="_blank">[hidden email]</a>
<br>> <mailto:<a href="http://user/SendEmail.jtp?type=node&node=4648953&i=1" rel="nofollow" link="external" target="_blank">[hidden email]</a>>> wrote:
<br>>
<br>> In my email clients (iOS mail app and Thunderbird) the place where
<br>> you specify your @mySeasideApp below shows nothing.
<br>>
<br>>
<br>> Do you think you're still having a problem with that part or is it
<br>> just url rewriting with nginx now?
<br></div>> <a href="<a href="https://encrypted.google.com/__search?hl=en&amp;q=nginx%20remove%__20part%20of%20path%20from%__20url" target="_blank">https://encrypted.google.com/__search?hl=en&q=nginx%20remove%__20part%20of%20path%20from%__20url</a>"><a href="https://encrypted.google.com/__search?hl=en&amp;q=nginx%20remove%__20part%20of%20path%20from%__20url" target="_blank">https://encrypted.google.com/__search?hl=en&q=nginx%20remove%__20part%20of%20path%20from%__20url</a><div class="im">
<div class='shrinkable-quote'><br>> <<a href="https://encrypted.google.com/search?hl=en&q=nginx%20remove%20part%20of%20path%20from%20url" rel="nofollow" link="external" target="_blank">https://encrypted.google.com/search?hl=en&q=nginx%20remove%20part%20of%20path%20from%20url</a>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br>> On 09/23/2012 11:28 AM, Dav wrote:
<br>>
</div></div><div class="im">> Hi Paul,
<br>> I can't make it work, probably due to my lack of knowledge of
<br>> nginx
<br>>
<br>> Let's take the signin example. I wrote @mySeasideApp like this:
<br>>
<br>>
<br>>
<br></div><div><div class="h5">> That's because my seaside app is running on 8080, but
<div class='shrinkable-quote'><br>> unfortunately when I
<br>> click on the signin anchor, my browser reply: "/signin not found"
<br>> I think that nginx should remove the /signin extrapath when it
<br>> redirects to
<br>> 8080, but I don't know how.
<br>> Can you help me?
<br>> Thanks
<br>> Dave
<br>>
<br>>
<br>>
<br>>
<br>> Paul DeBruicker wrote
<br>>
<br>> I think you can change it with two server definitions in
<br>> nginx and never
<br>> mess with Seaside's https/http functionality at all, ever.
<br>>
<br>>
<br>> e.g. If the link is to <a href="http://example.com/signin" rel="nofollow" link="external" target="_blank">http://example.com/signin</a><br>> <a href="http://example.com/signup" rel="nofollow" link="external" target="_blank">http://example.com/signup</a> or <a href="http://example.com/backend" rel="nofollow" link="external" target="_blank">http://example.com/backend</a> and
<br>> the client
<br>> attempts to connect via http I rewrite & redirect to https
<br>> with nginx
<br>> and pass the request to Seaside. The SSL connections are
<br>> terminated at
<br>> Nginx. All my links in my Seaside app are just regular
<br>> anchors/buttons
<br>> with plain callbacks. The public site can be accessed via
<br>> http or
<br>> https. The sign-in, sign-up and backend portions are always
<br>> SSL.
<br>>
<br>> The signin form link becomes
<br>>
<br>> html anchor
<br>> useBaseUrl;
<br>> extraPath:'signin';
<br>> callback:[self showSignin];
<br>> with:'Sign In'.
<br>>
<br>>
<br>> Once the user authenticates it would seem to make sense to
<br>> serve them
<br>> only via SSL for the duration of their session to increase the
<br>> probability that none of their info leaks. Plus the cost in
<br>> engineering
<br>> time to forever maintain a mental model of which links
<br>> should be secure
<br>> or not seems high relative to the cost of just the cpu time
<br>> to just make
<br>> everything SSL.
<br>>
<br>>
<br>>
<br>>
<br>> The Nginx server directives I use are:
<br>> server {
<br>>
<br>> listen 80;
</div></div></div>> include sites-available/mySiteDetails.__conf;
<br><div class="im">>
<div class='shrinkable-quote'><br>> location ^~ /backend {
<br>> rewrite ^/(.*)$
<br>> <a href="https://www.example.com/$1" rel="nofollow" link="external" target="_blank">https://www.example.com/$1</a> redirect;
<br>> }
<br>>
<br>> location ^~ /signin {
<br>> rewrite ^/(.*)$
<br>> <a href="https://www.example.com/$1" rel="nofollow" link="external" target="_blank">https://www.example.com/$1</a> redirect;
<br>> }
<br>> location ^~ /signup {
<br>> rewrite ^/(.*)$
<br>> <a href="https://www.example.com/$1" rel="nofollow" link="external" target="_blank">https://www.example.com/$1</a> redirect;
<br>> }
<br>> }
<br>>
<br>> server {
<br>> listen 443 ssl;
</div></div><div class="im">> ssl_certificate /usr/local/nginx/conf/myApp.__cert;
<br>> ssl_certificate_key /usr/local/nginx/conf/myApp.__key;
<br>> include sites-available/mySiteDetails.__conf;
<br></div><div class="im">> location ^~ /backend {
<div class='shrinkable-quote'><br>> try_files $uri @mySeasideApp;
<br>> }
<br>> location ^~ /signin {
<br>> try_files $uri @mySeasideApp;
<br>> }
<br>> location ^~ /signup {
<br>> try_files $uri @mySeasideApp;
<br>> }
<br>> }
<br>>
<br>>
<br>> Hope this helps
<br>>
<br>> Paul
<br>>
<br>>
<br>>
<br>>
<br>>
<br>> On 09/23/2012 09:11 AM, Dav wrote:
<br>>
<br>> Hi Boris,
<br>> Actually I have secured and not secured links, and
<br>> it's a lot of work
<br>> change it, so I prefer only to secure login. Is it
<br>> really so difficult in
<br>> seaside?
<br>> Cheers
<br>> Dave
<br>>
<br>>
<br>> Boris Popov, DeepCove Labs (SNN) wrote
<br>>
<br>> Any specific reason you don't just want your whole
<br>> application to be
<br>> SSL-secured?
<br>>
<br>> -Boris
<br>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br>> --
<br>> View this message in context:
</div></div>> <a href="http://forum.world.st/Login-__form-via-ssl-https-__tp4648556p4648566.html" rel="nofollow" link="external" target="_blank">http://forum.world.st/Login-__form-via-ssl-https-__tp4648556p4648566.html</a><div class="im">
<br>> <<a href="http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648566.html" rel="nofollow" link="external" target="_blank">http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648566.html</a>>
<br>> Sent from the Seaside General mailing list archive at
<br>> Nabble.com.
<br></div><div class="im">> _________________________________________________
<br>> seaside mailing list
<br>>
<br>>
<br>> seaside@.squeakfoundation
<br>>
<br>>
<br>> <a href="http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside</a><br>
> <<a href="http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside</a>>
<div class='shrinkable-quote'><br>>
<br>>
<br>> _________________________________________________
<br>> seaside mailing list
<br>>
<br>>
<br>> seaside@.squeakfoundation
<br>>
<br>>
<br>> <a href="http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside</a></div>
> <<a href="http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside</a>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br>>
<br></div><div class="im">> --
<br>> View this message in context:
<br></div>> <a href="http://forum.world.st/Login-__form-via-ssl-https-__tp4648556p4648581.html" rel="nofollow" link="external" target="_blank">http://forum.world.st/Login-__form-via-ssl-https-__tp4648556p4648581.html</a><br>
> <<a href="http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648581.html" rel="nofollow" link="external" target="_blank">http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648581.html</a>>
<br><div class="im">>
<br>> Sent from the Seaside General mailing list archive at Nabble.com.
<br></div>> _________________________________________________
<br><div class="im">> seaside mailing list
<br>> <a href="http://user/SendEmail.jtp?type=node&node=4648953&i=2" rel="nofollow" link="external" target="_blank">[hidden email]</a>
<br></div>> <mailto:<a href="http://user/SendEmail.jtp?type=node&node=4648953&i=3" rel="nofollow" link="external" target="_blank">[hidden email]</a>>
<br>> <a href="http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.__org/cgi-bin/mailman/listinfo/__seaside</a><br>
> <<a href="http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside</a>>
<br>>
<br>>
<br>>
</div><div class="im"><br>_______________________________________________
<br>seaside mailing list
<br><a href="http://user/SendEmail.jtp?type=node&node=4648953&i=4" rel="nofollow" link="external" target="_blank">[hidden email]</a>
<br><a href="http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside" rel="nofollow" link="external" target="_blank">http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside</a><br>
<br>
<br>
<hr color="#cccccc" noshade size="1">
</div><div style="color:#444;font:12px tahoma,geneva,helvetica,arial,sans-serif"><div class="im">
<div style="font-weight:bold">If you reply to this email, your message will be added to the discussion below:</div>
</div><a href="http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648953.html" target="_blank" rel="nofollow" link="external">http://forum.world.st/Login-form-via-ssl-https-tp4648556p4648953.html</a>
</div><div class="HOEnZb"><div class="h5">
<div style="color:#666;font:11px tahoma,geneva,helvetica,arial,sans-serif;margin-top:.4em;line-height:1.5em">
To unsubscribe from Login form via ssl (https), <a href="" target="_blank" rel="nofollow" link="external">click here</a>.<br>
<a href="http://forum.world.st/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml" rel="nofollow" style="font:9px serif" target="_blank" link="external">NAML</a>
</div></div></div></blockquote></div><br>
<br/><hr align="left" width="300" />
View this message in context: <a href="http://forum.world.st/Login-form-via-ssl-https-tp4648556p4649097.html">Re: Login form via ssl (https)</a><br/>
Sent from the <a href="http://forum.world.st/Seaside-General-f86180.html">Seaside General mailing list archive</a> at Nabble.com.<br/>