背景

项目添加ssl证书后,APP/WEB端已经修改访问接口域名,但是多次查看日志均为http.

项目架构

AWS route53 –> ALB –> 目标群组(端口80) –> EC2

ALB挂载ssl证书,侦听器设置了两个规则

1. 80重定向到443(可以直接访问域名为https)
2. 443转发目标组80端口

问题

接口访问URL为HTTPS

日志记录为HTTP

打印日志代码

// 访问日志
CommonLog::writeAccessLog($request->url() . " parameters=" . json_encode($request->input()));

这是我打印请求的server的信息

其中HTTP_REFERER,HTTP_ORIGIN,HTTP_X_FORWARDED_PORT,HTTP_X_FORWARDED_PROTO 信息都是HTTPS

REQUEST_SCHEME,SERVER_PORT(这里是因为目标组和EC2端口为80)

探究

// 底层包路径  vendor\symfony\http-foundation\Request.php 
 /**
     * Checks whether the request is secure or not.
     *
     * This method can read the client protocol from the "X-Forwarded-Proto" header
     * when trusted proxies were set via "setTrustedProxies()".
     *
     * The "X-Forwarded-Proto" header must contain the protocol: "https" or "http".
     *
     * @return bool
     */ 
    public function isSecure()
    {
        if ($this->isFromTrustedProxy() && $proto = $this->getTrustedValues(self::HEADER_X_FORWARDED_PROTO)) {
            return \in_array(strtolower($proto[0]), ['https', 'on', 'ssl', '1'], true);
        }

        $https = $this->server->get('HTTPS');

        return !empty($https) && 'off' !== strtolower($https);
    }

官方说包含这个X-Forwarded-Proto为https

我的HTTP_X_FORWARDED_PROTO这个显示为https,有知道的可以给说下原因

nginx配置