I have an page that requires https, I have some rules in htaccess that redirect every http to https, but since this website must run inside facebook canvas I can’t have any redirect every link must be pure https.
Some of website content required login but every time the users try to access a page that requires login the users is redirect to http://website.com/login, and not to https://website.com/login. My htaccess redirect then to https, but the problem is that on facebook this is action is blocked.
I need that the call for the login action be done using https.
Yes I now it but for example in a controller with an accessControl set to only registered users the login url is created automatically. How to define it to use https instead of http?
And I can I do that? I’m using VestaCP is a panel with Apache and Nginx as reverse proxy. I added fastcgi_param HTTPS on; to snginx.conf but the problem keeps appearing
This is a good idea but seams that the only way to set https in it is to passing an absolute url in $loginUrl or there are another way.
Below I added an picture of the requests ad you see my htaccess already to the redirect to httpd, but i need that this redirect never occurs the first call must be https, because without this the website will be blocked inside facebook canvas.
After initial redirect to https every following Yii redirect should stick to the same protocol if not directly specified to change it afaik. Isn’t this the case?
No this is exactly my problem, as you can see in the attached image that I put in my previous post the first request is made in https then since this controller required a registered user is is redirected to http://domain.com/login then when this request hits the htaccess is redirected back to https but in facebook canvas the website is blocked before this second redirect occurs.
This redirect always remove the https and use only http. Probably a redirect like this is used to ask for the login and this may be the cause of this problem.
Problem solved. I discovered that $_SERVER[‘HTTPS’] is never set. And without it Yii don’t know that need to redirect to https. In my case I do a a quick fix adding:
$_SERVER[‘HTTPS’]=‘on’;
On index.php in frontend/web and backend/web now everything works fine.