loading...

re: Force HTTPS for AWS EB behind a Load Balancer VIEW POST

TOP OF THREAD FULL DISCUSSION
re: I think there is probably small issue with this setup. I think returning redirect is correct behavior for GET and HEAD requests but for other metho...
 

Interesting, I had not considered that. Like I said, the content of the NginX config is from awsdocs so I didn't question this directive since it did what I wanted it to.

As you say, probably not a big deal, but to be more compliant to the spec, maybe something like this would be a better approach.

if ($redirect = 1) {
    set $status = 301;

    if ( $request_method !~ ^(GET|HEAD)$ ) {
        set $status = 405;
    }

    return $status https://$host$request_uri;
}

Cause I can't see a scenario where you would need it for anything other than GET or HEAD.

Edit: Or maybe the uri is not needed when returning 405... Will have to check the specs in more detail.

Code of Conduct Report abuse