Daniel Watts wrote: > Paul Lesniewski wrote: >> On 6/28/07, Daniel W <d@xxxxxxxxxxxxx> wrote: >>> Paul Lesniewski wrote: >>>> On 6/28/07, Daniel Watts <d@xxxxxxxxxxxxx> wrote: >>>>> Dear List, >>>>> >>>>> Has anyone got a setup where you have a Pound front end reverse-proxy >>>>> listening for HTTPS traffic, and redirecting via HTTP to a batch of >>>>> backend web servers that squirrelmail is installed on? >>>>> >>>>> I have this working nicely except that the links and redirects are all >>>>> then written as "http" rather than "https". Is there any sane way I can >>>>> get the system so that security is maintained? >>>> If SM has no information about SSL a connection, you simply cannot >>>> expect it to do anything but what it is doing. >>>> >>>>> I'm thinking this might be to do with the "get_location" function in >>>>> squirrelmail - will I need to modify this somehow? >>>> Most people do that. >>> Really? How do they rework it? >> Most people (I hope) use $config_location_base >> >> You might be able to use it too if there is some header you can look >> at. In the config.php file, you could try something like: >> >> $config_location_base = (!empty($_SERVER['WHATEVER']) && >> $_SERVER['WHATEVER'] == 'HTTPS' ? 'https://example.org/webmail' : ''); >> > > Thank you - I'll give this a go. We've actually found out that Pounds > does have internal intelligent http->https rewriting where it realises > that a location redirect is going to an http page within the same domain > and it rewrites the response to be https. Not had much actually getting > that working but will try that first and, if that fails, try to get > things working at the application (Squirrelmail) level. > > Thanks Paul. > Daniel For completeness - if anyone is looking to do the same we found our problem was we were running from a chroot but had forgotten to copy in the dns files (resolv.conf) so the proxy couldn't do any lookups to determine whether it should rewrite or not. Works mostly great but a few actions cause it to render the page with http:// links. eg: Sending a message Emptying Trash Create Folder So looking now to see if get_location can be made to be psychic =) And/or that displayPageHeader function... Dan Looking at the get_location ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ -- squirrelmail-users mailing list Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines List Address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995 List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
