Friend produces incorrect absolute redirects when behind a proxy

A long time ago, they changed friend from using relative URLs to absolute for redirects: https://github.com/cemerick/friend/commit/5b0432385bc86f94ae32f7094a3d096803555e58
> The default :login-uri is /login, which gets used in the "Location" header when generating redirects. Browsers may accept this, but it is not valid according to the [HTTP spec](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30), which requires an absolute URI.

However, this broke redirects, in case there's a proxy or a load balancer in front of the app terminating SSL/TLS: https://github.com/cemerick/friend/issues/84

The argument that "it is not valid according to the [HTTP spec](http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.30)" hasn't been true for a long time.
There's an updated HTTP spec that allows using relative URLs for redirects: https://datatracker.ietf.org/doc/html/rfc7231#section-7.1.2

**I suggest changing the code so it uses relative URLs for redirects again**. That way, it will work out of the box.

Other resources: 
- https://en.wikipedia.org/wiki/HTTP_location
- https://stackoverflow.com/questions/25652718/do-relative-server-side-redirects-respect-the-protocol


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Friend produces incorrect absolute redirects when behind a proxy #4

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Friend produces incorrect absolute redirects when behind a proxy #4

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions