fix redirect for POST requests

author: Marcello Stanisci <marcello.stanisci@inria.fr> 2017-05-30 16:43:08 +0200
committer: Marcello Stanisci <marcello.stanisci@inria.fr> 2017-05-30 16:43:08 +0200
commit: 370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df (patch)
tree: 4d52172a74a590b4c01641640e658abe46ed18fe /etc/nginx/sites-enabled
parent: 356007a8bcaacf23ebea35d52c13ec60fd8a50f5 (diff)
download: deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.tar.gz
deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.tar.bz2
deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.zip
1 files changed, 8 insertions, 2 deletions
diff --git a/etc/nginx/sites-enabled/test.site b/etc/nginx/sites-enabled/test.site
index 6767197..b5c01b0 100644
--- a/etc/nginx/sites-enabled/test.site
+++ b/etc/nginx/sites-enabled/test.site
@@ -5,8 +5,14 @@ server {
               bank.test.taler.net
               shop.test.taler.net
               exchange.test.taler.net;
-  rewrite ^ https://$host$request_uri? break;
-  return 307;
+
+  # 301-based ridirects allows the user agent to *change* the
+  # method used in the second request.  This breaks all the API
+  # using POST, as some user agents do the second request using
+  # GET.  307 is meant to tell the user agent to not change the
+  # method in the second request.
+  if ($requests_method = POST) { return 307 https://$host$request_uri; }
+  return 301 https://$host$request_uri;
 }
author	Marcello Stanisci <marcello.stanisci@inria.fr>	2017-05-30 16:43:08 +0200
committer	Marcello Stanisci <marcello.stanisci@inria.fr>	2017-05-30 16:43:08 +0200
commit	370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df (patch)
tree	4d52172a74a590b4c01641640e658abe46ed18fe /etc/nginx/sites-enabled
parent	356007a8bcaacf23ebea35d52c13ec60fd8a50f5 (diff)
download	deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.tar.gz deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.tar.bz2 deployment-370358f69b8b8aa6a98d1d60d63d9f0ba67cc3df.zip