0

My system is running the play framework through lighttpd. I need to know if the requests that are coming from Facebook are from https or http.

Two questions:

  1. Is there any way that I can tell in my framework if the original request was from http or https? (I checked request.secure, but it is always false)

  2. If the framework doesn't give me any method to detect that, is there anyway that I can use mod_rewrite to add a ssl=true to the query parameters?

Scrivener
  • 3,106
  • 1
  • 20
  • 23
nightograph
  • 1
  • 1

1 Answers1

1

I haven't tried this myself but according to this discussion you should add 

RequestHeader set X-Forwarded-Proto "https"

to your virtual host. Play will see this and set request.secure to true even if the traffic reaching the play instance has already been decrypted.

nylund
  • 211
  • 2
  • 2