CNAME to Heroku app results in 301 redirect

Question

TL;DR: I want my custom domain to be shown in the address bar, not the CNAME.

I have an app hosted on Heroku at try-elixir-phoenix.herokuapp.com.

I bought the domain from Namecheap, and configured the CNAME entry there:

www.tryelixir.online CNAME try-elixir-phoenix.herokuapp.com.

I also configured the custom domains in heroku:

 $ heroku domains
=== try-elixir-phoenix Heroku Domain
try-elixir-phoenix.herokuapp.com

=== try-elixir-phoenix Custom Domains
Domain Name           DNS Target
────────────────────  ────────────────────────────────
tryelixir.online      try-elixir-phoenix.herokuapp.com
www.tryelixir.online  try-elixir-phoenix.herokuapp.com

But if I curl my custom domain, I get a 301 redirect:

 $ curl --head http://www.tryelixir.online
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: Cowboy
Date: Thu, 25 Feb 2016 15:11:01 GMT
Content-Length: 0
Cache-Control: max-age=0, private, must-revalidate
Location: https://try-elixir-phoenix.herokuapp.com/
Via: 1.1 vegur

This also means that the user sees the herokuapp.com URL, instead of my custom one.

The Heroku docs say that:

Your app’s Heroku Domain will always remain active, even if you’ve set up a custom domain. If you want users to use the custom domain exclusively, your app should send HTTP status 301 Moved Permanently to tell web browsers to use the custom domain. The Host HTTP request header field will show which domain the user is trying to access; send a redirect if that field is example.herokuapp.com.

Does the above apply to me?

No, that is the inverse of your problem. – Michael Hampton Feb 25 '16 at 15:46 — Michael Hampton, Feb 25 '16 at 15:46

score 0 · Accepted Answer · answered Feb 26 '16 at 15:04

0

It turns out that the redirect was happening at the app level. Heroku's support confirmed that their router doesn't add any redirects.

answered Feb 26 '16 at 15:04

asymmetric

140
7

which file was the redirect happening within the application? And how did you solve the issue? – Jack Carlisle Aug 02 '17 at 13:57

score 0 · Answer 2 · edited Jul 14 '16 at 11:57

0

If you followed the instructions then before adding your custom domain the you'll need to update the config:

url: [scheme: "https", host: "mysterious-meadow-6277.herokuapp.com", port: 443], force_ssl: [rewrite_on: [:x_forwarded_proto]]

edited Jul 14 '16 at 11:57

asymmetric

140
7

answered Jul 14 '16 at 10:00

msp

1

score 0 · Answer 3 · answered Aug 02 '17 at 14:16

For anyone else experiencing this issue, there is a quick (yet insecure) solution. If your application is handling any sensitive data for example credit card information or user login details then DO NOT use this method but instead set up your application to work with SSL.

--- Insecure solution ---

You should have something like this in your config/prod.exs file:

# config/prod.exs 

config :app, App.Endpoint,
  http: [port: {:system, "PORT"}],
  url: [scheme: "https", host: "app.herokuapp.com", port: 443],
  force_ssl: [rewrite_on: [:x_forwarded_proto]],
  cache_static_manifest: "priv/static/manifest.json",
  secret_key_base: System.get_env("SECRET_KEY_BASE")

You want to make the following changes:

Change the url scheme from https to http
Remove the force_ssl configuration

This should leave you something like this:

# config/prod.exs 

config :app, App.Endpoint,
  http: [port: {:system, "PORT"}],
  url: [scheme: "http", host: "app.herokuapp.com", port: 443],
  cache_static_manifest: "priv/static/manifest.json",
  secret_key_base: System.get_env("SECRET_KEY_BASE")

On your next redeploy you should be able to visit your application at your custom domain.

CNAME to Heroku app results in 301 redirect

3 Answers3

--- Insecure solution ---