11

I have a website set up that uses the redirect method...

server {
    listen 80;
    server_name example.org;
    return 301 https://$server_name$request_uri;
}

However when a page is posted to "http://example.com" it redirects to "https://example.com" and in the process, it strips the POST.

I recognize this is how it works, however I need to somehow do one of the following...

  • Do a redirect from http -> https while keeping the POST variable intact
  • Convert the POST variable to a GET variable during the redirect (which would work fine)
  • Redirect everything EXCEPT for one folder

Any suggestions? I'm a bit lost...

Jonathan Coe
  • 1,485
  • 4
  • 18
  • 36

3 Answers3

17

If you are willing to forgo the "permanent" redirect status, I believe a 307 redirect instead of a 301 will preserve the POST. There actually is a redirect that is permanent and preserves the post, a 308, but it isn't well adopted yet by browsers and other user agents.

vcsjones
  • 138,677
  • 31
  • 291
  • 286
4

A 308 redirect is a fix, but the solution is to POST directly to https:

  • by posting to http, your post data are not secure
  • the redirect make the process slower
  • if you post to http from an https webpage, browser may display a warning to the user
Tom
  • 4,666
  • 2
  • 29
  • 48
  • 1
    Definitely would prefer to do this... unfortunately the issue is that it's an OLD flash swf file (an online course) that posts to the http/:80 url, and unfortunately I have no control over it. I fixed it by using a 308/307 rather than 301. Thank you! – Jonathan Coe Sep 06 '16 at 19:22
2

This is a common problem and there is not an easy solution for this.

There are some answers with similar questions here

Apache 301 Redirect and preserving post data

Is it possible to redirect post data?

Maybe one of the answers could help to solve your issue

Community
  • 1
  • 1
Aleksandar
  • 2,442
  • 3
  • 15
  • 24