root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 4 Packages Projects Releases Wiki Activity
spring-security/docs/modules/ROOT/pages/servlet/appendix/proxy-server.adoc

15 lines
1.5 KiB
Plaintext
Raw Normal View History

Document Proxy Server Issue gh-4076
2016-10-18 10:07:57 +08:00
[[appendix-proxy-server]]
Remove include servlet/saml2/index.adoc
2021-07-31 02:52:15 +08:00
= Proxy Server Configuration
Document Proxy Server Issue gh-4076
2016-10-18 10:07:57 +08:00
When using a proxy server it is important to ensure that you have configured your application properly.
URL Cleanup This commit updates URLs to prefer the https protocol. Redirects are not followed to avoid accidentally expanding intentionally shortened URLs (i.e. if using a URL shortener). # HTTP URLs that Could Not Be Fixed These URLs were unable to be fixed. Please review them to see if they can be manually resolved. * http://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html (200) with 1 occurrences could not be migrated: ([https](https://blog.opensecurityresearch.com/2012/02/json-csrf-with-parameter-padding.html) result ClosedChannelException). * http://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html (200) with 1 occurrences could not be migrated: ([https](https://bouncy-castle.1462172.n4.nabble.com/Java-Bouncy-Castle-scrypt-implementation-td4656832.html) result SSLHandshakeException). * http://cujojs.com/ (200) with 1 occurrences could not be migrated: ([https](https://cujojs.com/) result SSLHandshakeException). * http://erik.eae.net/archives/2007/07/27/18.54.15/ (200) with 1 occurrences could not be migrated: ([https](https://erik.eae.net/archives/2007/07/27/18.54.15/) result SSLHandshakeException). * http://javascript.nwbox.com/IEContentLoaded/ (200) with 1 occurrences could not be migrated: ([https](https://javascript.nwbox.com/IEContentLoaded/) result SSLHandshakeException). * http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html (200) with 1 occurrences could not be migrated: ([https](https://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2011-February/007533.html) result SSLHandshakeException). * http://monkeymachine.co.uk/ (200) with 2 occurrences could not be migrated: ([https](https://monkeymachine.co.uk/) result SSLHandshakeException). * http://perfectionkills.com/detecting-event-support-without-browser-sniffing/ (200) with 1 occurrences could not be migrated: ([https](https://perfectionkills.com/detecting-event-support-without-browser-sniffing/) result SSLHandshakeException). * http://somesite.com/login (200) with 3 occurrences could not be migrated: ([https](https://somesite.com/login) result AnnotatedConnectException). * http://someurl.com/ (200) with 2 occurrences could not be migrated: ([https](https://someurl.com/) result SSLHandshakeException). * http://sscce.org/ (200) with 1 occurrences could not be migrated: ([https](https://sscce.org/) result SSLHandshakeException). * http://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf (200) with 2 occurrences could not be migrated: ([https](https://webblaze.cs.berkeley.edu/papers/barth-caballero-song.pdf) result 404). * http://www.example.com:80/ (200) with 1 occurrences could not be migrated: ([https](https://www.example.com:80/) result NotSslRecordException). * http://www.faqs.org/qa/rfcc-1940.html (200) with 3 occurrences could not be migrated: ([https](https://www.faqs.org/qa/rfcc-1940.html) result AnnotatedConnectException). * http://www.faqs.org/rfcs/rfc1945.html (200) with 2 occurrences could not be migrated: ([https](https://www.faqs.org/rfcs/rfc1945.html) result AnnotatedConnectException). * http://www.faqs.org/rfcs/rfc3548.html (200) with 3 occurrences could not be migrated: ([https](https://www.faqs.org/rfcs/rfc3548.html) result AnnotatedConnectException). * http://www.zytrax.com/books/ldap/ (200) with 2 occurrences could not be migrated: ([https](https://www.zytrax.com/books/ldap/) result AnnotatedConnectException). * http://blindsignals.com/index.php/2009/07/jquery-delay/ (301) with 1 occurrences could not be migrated: ([https](https://blindsignals.com/index.php/2009/07/jquery-delay/) result SSLHandshakeException). * http://www.faqs.org/ (301) with 1 occurrences could not be migrated: ([https](https://www.faqs.org/) result AnnotatedConnectException). * http://sam.zoy.org/wtfpl/ (301) with 2 occurrences could not be migrated: ([https](https://sam.zoy.org/wtfpl/) result SSLHandshakeException). * http://hey.openid.com/ (302) with 1 occurrences could not be migrated: ([https](https://hey.openid.com/) result SSLHandshakeException). * http://iharder.net/base64 (303) with 2 occurrences could not be migrated: ([https](https://iharder.net/base64) result AnnotatedConnectException). * http://jaspan.com/improved_persistent_login_cookie_best_practice (500) with 3 occurrences could not be migrated: ([https](https://jaspan.com/improved_persistent_login_cookie_best_practice) result AnnotatedConnectException). # Fixed URLs ## Fixed But Review Recommended These URLs were fixed, but the https status was not OK. However, the https status was the same as the http request or http redirected to an https URL, so they were migrated. Your review is recommended. * http://www.relaxng.org/ (301) with 1 occurrences migrated to: https://relaxng.org/ ([https](https://www.relaxng.org/) result SSLHandshakeException). * http://www.relaxng.org (301) with 1 occurrences migrated to: https://relaxng.org/ ([https](https://www.relaxng.org) result SSLHandshakeException). * http://tools.ietf.org/html/draft-ietf-websec-x-frame-options (301) with 2 occurrences migrated to: https://tools.ietf.org/html/draft-ietf-websec-x-frame-options ([https](https://tools.ietf.org/html/draft-ietf-websec-x-frame-options) result ReadTimeoutException). * http://foo.test.com (302) with 2 occurrences migrated to: https://www.test.com ([https](https://foo.test.com) result SSLHandshakeException). * http://abc.test.com (302) with 2 occurrences migrated to: https://www.test.com ([https](https://abc.test.com) result SSLHandshakeException). * http://192.168.1:8080 (ConnectTimeoutException) with 2 occurrences migrated to: https://192.168.1:8080 ([https](https://192.168.1:8080) result ConnectTimeoutException). * http://www.example.com:8080/mycontext/secure/page.html (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8080/mycontext/secure/page.html ([https](https://www.example.com:8080/mycontext/secure/page.html) result ConnectTimeoutException). * http://www.example.com:8888/bigWebApp/hello (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8888/bigWebApp/hello ([https](https://www.example.com:8888/bigWebApp/hello) result ConnectTimeoutException). * http://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true (ConnectTimeoutException) with 1 occurrences migrated to: https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com:8888/bigWebApp/hello/pathInfo.html?open=true) result ConnectTimeoutException). * http://www.opensymphony.com/sitemesh/decorator (ConnectTimeoutException) with 1 occurrences migrated to: https://www.opensymphony.com/sitemesh/decorator ([https](https://www.opensymphony.com/sitemesh/decorator) result ConnectTimeoutException). * http://www.opensymphony.com/sitemesh/page (ConnectTimeoutException) with 1 occurrences migrated to: https://www.opensymphony.com/sitemesh/page ([https](https://www.opensymphony.com/sitemesh/page) result ConnectTimeoutException). * http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd (ReadTimeoutException) with 1 occurrences migrated to: https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd ([https](https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd) result ReadTimeoutException). * http://axschema.org/ (UnknownHostException) with 2 occurrences migrated to: https://axschema.org/ ([https](https://axschema.org/) result UnknownHostException). * http://axschema.org/contact/email (UnknownHostException) with 23 occurrences migrated to: https://axschema.org/contact/email ([https](https://axschema.org/contact/email) result UnknownHostException). * http://axschema.org/namePerson (UnknownHostException) with 5 occurrences migrated to: https://axschema.org/namePerson ([https](https://axschema.org/namePerson) result UnknownHostException). * http://axschema.org/namePerson/first (UnknownHostException) with 4 occurrences migrated to: https://axschema.org/namePerson/first ([https](https://axschema.org/namePerson/first) result UnknownHostException). * http://axschema.org/namePerson/last (UnknownHostException) with 4 occurrences migrated to: https://axschema.org/namePerson/last ([https](https://axschema.org/namePerson/last) result UnknownHostException). * http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to: https://context.blah.com/context/remainder ([https](https://context.blah.com/context/remainder) result UnknownHostException). * http://default (UnknownHostException) with 12 occurrences migrated to: https://default ([https](https://default) result UnknownHostException). * http://endpoint (UnknownHostException) with 4 occurrences migrated to: https://endpoint ([https](https://endpoint) result UnknownHostException). * http://endpoint?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to: https://endpoint?id_token_hint=id-token ([https](https://endpoint?id_token_hint=id-token) result UnknownHostException). * http://example.com&param1=value1&param2=value2 (UnknownHostException) with 1 occurrences migrated to: https://example.com&param1=value1&param2=value2 ([https](https://example.com&param1=value1&param2=value2) result UnknownHostException). * http://host/myapp/index.html;jsessionid=blah (UnknownHostException) with 1 occurrences migrated to: https://host/myapp/index.html;jsessionid=blah ([https](https://host/myapp/index.html;jsessionid=blah) result UnknownHostException). * http://http://context.blah.com/context/remainder (UnknownHostException) with 1 occurrences migrated to: https://http://context.blah.com/context/remainder ([https](https://https://context.blah.com/context/remainder) result UnknownHostException). * http://id.openid.zz (UnknownHostException) with 2 occurrences migrated to: https://id.openid.zz ([https](https://id.openid.zz) result UnknownHostException). * http://invalid-provider.com/oauth2/token (UnknownHostException) with 4 occurrences migrated to: https://invalid-provider.com/oauth2/token ([https](https://invalid-provider.com/oauth2/token) result UnknownHostException). * http://invalid-provider.com/user (UnknownHostException) with 4 occurrences migrated to: https://invalid-provider.com/user ([https](https://invalid-provider.com/user) result UnknownHostException). * http://issuer/.well-known/jwks.json (UnknownHostException) with 2 occurrences migrated to: https://issuer/.well-known/jwks.json ([https](https://issuer/.well-known/jwks.json) result UnknownHostException). * http://issuer/certs (UnknownHostException) with 1 occurrences migrated to: https://issuer/certs ([https](https://issuer/certs) result UnknownHostException). * http://jimi.hendrix.myopenid.com/ (UnknownHostException) with 1 occurrences migrated to: https://jimi.hendrix.myopenid.com/ ([https](https://jimi.hendrix.myopenid.com/) result UnknownHostException). * http://joe.myopenid.com/ (UnknownHostException) with 3 occurrences migrated to: https://joe.myopenid.com/ ([https](https://joe.myopenid.com/) result UnknownHostException). * http://logout (UnknownHostException) with 2 occurrences migrated to: https://logout ([https](https://logout) result UnknownHostException). * http://logout?id_token_hint=id-token (UnknownHostException) with 2 occurrences migrated to: https://logout?id_token_hint=id-token ([https](https://logout?id_token_hint=id-token) result UnknownHostException). * http://openid.aol.com/ (UnknownHostException) with 2 occurrences migrated to: https://openid.aol.com/ ([https](https://openid.aol.com/) result UnknownHostException). * http://pip.verisignlabs.com/server (UnknownHostException) with 2 occurrences migrated to: https://pip.verisignlabs.com/server ([https](https://pip.verisignlabs.com/server) result UnknownHostException). * http://postlogout?encodedparam%3Dvalue (UnknownHostException) with 2 occurrences migrated to: https://postlogout?encodedparam%3Dvalue ([https](https://postlogout?encodedparam%3Dvalue) result UnknownHostException). * http://postlogout?encodedparam=value (UnknownHostException) with 2 occurrences migrated to: https://postlogout?encodedparam=value ([https](https://postlogout?encodedparam=value) result UnknownHostException). * http://schema.openid.net/contact/email (UnknownHostException) with 5 occurrences migrated to: https://schema.openid.net/contact/email ([https](https://schema.openid.net/contact/email) result UnknownHostException). * http://schema.openid.net/namePerson (UnknownHostException) with 2 occurrences migrated to: https://schema.openid.net/namePerson ([https](https://schema.openid.net/namePerson) result UnknownHostException). * http://some.site.org/index.html (UnknownHostException) with 1 occurrences migrated to: https://some.site.org/index.html ([https](https://some.site.org/index.html) result UnknownHostException). * http://something/ (UnknownHostException) with 1 occurrences migrated to: https://something/ ([https](https://something/) result UnknownHostException). * http://specs.openid.net/auth/2.0 (UnknownHostException) with 2 occurrences migrated to: https://specs.openid.net/auth/2.0 ([https](https://specs.openid.net/auth/2.0) result UnknownHostException). * http://specs.openid.net/auth/2.0/identifier_select (UnknownHostException) with 4 occurrences migrated to: https://specs.openid.net/auth/2.0/identifier_select ([https](https://specs.openid.net/auth/2.0/identifier_select) result UnknownHostException). * http://wiki.fasterxml.com/JacksonFeatureModules (UnknownHostException) with 1 occurrences migrated to: https://wiki.fasterxml.com/JacksonFeatureModules ([https](https://wiki.fasterxml.com/JacksonFeatureModules) result UnknownHostException). * http://www.faqs (UnknownHostException) with 1 occurrences migrated to: https://www.faqs ([https](https://www.faqs) result UnknownHostException). * http://www.test123.com (UnknownHostException) with 1 occurrences migrated to: https://www.test123.com ([https](https://www.test123.com) result UnknownHostException). * http://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29 (301) with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Defense_in_depth_%2528computing%2529 ([https](https://en.wikipedia.org/wiki/Defense_in_depth_%28computing%29) result 400). * http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html (404) with 1 occurrences migrated to: https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html ([https](https://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/server/ForwardedRequestCustomizer.html) result 404). * http://example.com/auth (404) with 2 occurrences migrated to: https://example.com/auth ([https](https://example.com/auth) result 404). * http://example.com/info (404) with 2 occurrences migrated to: https://example.com/info ([https](https://example.com/info) result 404). * http://example.com/jwkset (404) with 2 occurrences migrated to: https://example.com/jwkset ([https](https://example.com/jwkset) result 404). * http://example.com/login/oauth2/code/registration-id (404) with 1 occurrences migrated to: https://example.com/login/oauth2/code/registration-id ([https](https://example.com/login/oauth2/code/registration-id) result 404). * http://example.com/login/oauth2/code/registration-id-2 (404) with 1 occurrences migrated to: https://example.com/login/oauth2/code/registration-id-2 ([https](https://example.com/login/oauth2/code/registration-id-2) result 404). * http://example.com/path?a=b&c=d (404) with 1 occurrences migrated to: https://example.com/path?a=b&c=d ([https](https://example.com/path?a=b&c=d) result 404). * http://example.com/pkp-report (404) with 5 occurrences migrated to: https://example.com/pkp-report ([https](https://example.com/pkp-report) result 404). * http://example.com/token (404) with 2 occurrences migrated to: https://example.com/token ([https](https://example.com/token) result 404). * http://example.net/pkp-report (404) with 7 occurrences migrated to: https://example.net/pkp-report ([https](https://example.net/pkp-report) result 404). * http://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ (301) with 1 occurrences migrated to: https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/ ([https](https://fluidproject.org/blog/2008/01/09/getting-setting-and-removing-tabindex-values-with-javascript/) result 404). * http://html5shim.googlecode.com/svn/trunk/html5.js (404) with 6 occurrences migrated to: https://html5shim.googlecode.com/svn/trunk/html5.js ([https](https://html5shim.googlecode.com/svn/trunk/html5.js) result 404). * http://json.org/json2.js (404) with 1 occurrences migrated to: https://json.org/json2.js ([https](https://json.org/json2.js) result 404). * http://openid-selector.googlecode.com/svn/trunk/ (404) with 2 occurrences migrated to: https://openid-selector.googlecode.com/svn/trunk/ ([https](https://openid-selector.googlecode.com/svn/trunk/) result 404). * http://provider.com/user (302) with 2 occurrences migrated to: https://provider.com/user ([https](https://provider.com/user) result 404). * http://relaxng.org/ns/compatibility/annotations/1.0 (301) with 8 occurrences migrated to: https://relaxng.org/ns/compatibility/annotations/1.0 ([https](https://relaxng.org/ns/compatibility/annotations/1.0) result 404). * http://www.example.com/bigWebApp/hello (404) with 2 occurrences migrated to: https://www.example.com/bigWebApp/hello ([https](https://www.example.com/bigWebApp/hello) result 404). * http://www.example.com/bigWebApp/hello/pathInfo.html?open=true (404) with 1 occurrences migrated to: https://www.example.com/bigWebApp/hello/pathInfo.html?open=true ([https](https://www.example.com/bigWebApp/hello/pathInfo.html?open=true) result 404). * http://www.example.com/identity (404) with 1 occurrences migrated to: https://www.example.com/identity ([https](https://www.example.com/identity) result 404). * http://www.example.com/login/openid (404) with 2 occurrences migrated to: https://www.example.com/login/openid ([https](https://www.example.com/login/openid) result 404). * http://www.example.com/mycontext/HelloWorld (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld ([https](https://www.example.com/mycontext/HelloWorld) result 404). * http://www.example.com/mycontext/HelloWorld/some/more/segments.html (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld/some/more/segments.html ([https](https://www.example.com/mycontext/HelloWorld/some/more/segments.html) result 404). * http://www.example.com/mycontext/HelloWorld?foo=bar (404) with 1 occurrences migrated to: https://www.example.com/mycontext/HelloWorld?foo=bar ([https](https://www.example.com/mycontext/HelloWorld?foo=bar) result 404). * http://www.example.com/mycontext/secure/page.html (404) with 3 occurrences migrated to: https://www.example.com/mycontext/secure/page.html ([https](https://www.example.com/mycontext/secure/page.html) result 404). * http://www.example.com/realm (404) with 1 occurrences migrated to: https://www.example.com/realm ([https](https://www.example.com/realm) result 404). * http://www.example.com/redirect (404) with 1 occurrences migrated to: https://www.example.com/redirect ([https](https://www.example.com/redirect) result 404). * http://www.example.org/do/something (404) with 4 occurrences migrated to: https://www.example.org/do/something ([https](https://www.example.org/do/something) result 404). * http://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ (301) with 1 occurrences migrated to: https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/ ([https](https://www.ibm.com/developerworks/tivoli/library/t-ldap-controls/) result 404). * http://www.json.org/json2.js (404) with 1 occurrences migrated to: https://www.json.org/json2.js ([https](https://www.json.org/json2.js) result 404). * http://www.thymeleaf.org/thymeleaf-extras-springsecurity5 (301) with 5 occurrences migrated to: https://www.thymeleaf.org/thymeleaf-extras-springsecurity5 ([https](https://www.thymeleaf.org/thymeleaf-extras-springsecurity5) result 404). ## Fixed Success These URLs were switched to an https URL with a 2xx status. While the status was successful, your review is still recommended. * http://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html with 1 occurrences migrated to: https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html ([https](https://blog.ircmaxell.com/2014/03/why-i-dont-recommend-scrypt.html) result 200). * http://bugs.jquery.com/ticket/12282 with 1 occurrences migrated to: https://bugs.jquery.com/ticket/12282 ([https](https://bugs.jquery.com/ticket/12282) result 200). * http://bugs.jquery.com/ticket/12359 with 1 occurrences migrated to: https://bugs.jquery.com/ticket/12359 ([https](https://bugs.jquery.com/ticket/12359) result 200). * http://claimid.com/ with 2 occurrences migrated to: https://claimid.com/ ([https](https://claimid.com/) result 200). * http://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ with 1 occurrences migrated to: https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/ ([https](https://dist.springsource.org/snapshot/GRECLIPSE/e4.7/) result 200). * http://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/AsyncContext.html) result 200). * http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html with 26 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletRequest.html) result 200). * http://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html ([https](https://docs.oracle.com/javaee/6/api/javax/servlet/http/HttpServletResponse.html) result 200). * http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html with 1 occurrences migrated to: https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html ([https](https://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html) result 200). * http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html with 1 occurrences migrated to: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html ([https](https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html) result 200). * http://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html with 1 occurrences migrated to: https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html ([https](https://docs.oracle.com/javase/jndi/tutorial/ldap/connect/config.html) result 200). * http://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to: https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring-framework/docs/4.0.x/spring-framework-reference/htmlsingle/) result 200). * http://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/remember-me.html ([https](https://static.springsource.org/spring-security/site/docs/3.0.x/reference/remember-me.html) result 200). * http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.1.x/reference/springsecurity-single.html ([https](https://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html) result 200). * http://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/) result 200). * http://docs.spring.io/spring-security/site/docs/current/api/ with 1 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/current/api/ ([https](https://docs.spring.io/spring-security/site/docs/current/api/) result 200). * http://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ with 3 occurrences migrated to: https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/ ([https](https://docs.spring.io/spring-security/site/docs/current/reference/htmlsingle/) result 200). * http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html (301) with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html ([https](https://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/htmlsingle/spring-framework-reference.html) result 200). * http://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html ([https](https://docs.spring.io/spring/docs/3.1.x/spring-framework-reference/html/beans.html) result 200). * http://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html ([https](https://docs.spring.io/spring/docs/3.2.x/javadoc-api/org/springframework/web/multipart/support/MultipartFilter.html) result 200). * http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html with 3 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/mvc.html) result 200). * http://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html ([https](https://docs.spring.io/spring/docs/3.2.x/spring-framework-reference/html/view.html) result 200). * http://en.wikipedia.org/wiki/Clickjacking with 9 occurrences migrated to: https://en.wikipedia.org/wiki/Clickjacking ([https](https://en.wikipedia.org/wiki/Clickjacking) result 200). * http://en.wikipedia.org/wiki/Content_sniffing with 2 occurrences migrated to: https://en.wikipedia.org/wiki/Content_sniffing ([https](https://en.wikipedia.org/wiki/Content_sniffing) result 200). * http://en.wikipedia.org/wiki/Cross-site_request_forgery with 11 occurrences migrated to: https://en.wikipedia.org/wiki/Cross-site_request_forgery ([https](https://en.wikipedia.org/wiki/Cross-site_request_forgery) result 200). * http://en.wikipedia.org/wiki/Cross-site_scripting with 7 occurrences migrated to: https://en.wikipedia.org/wiki/Cross-site_scripting ([https](https://en.wikipedia.org/wiki/Cross-site_scripting) result 200). * http://en.wikipedia.org/wiki/Firesheep with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Firesheep ([https](https://en.wikipedia.org/wiki/Firesheep) result 200). * http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security with 4 occurrences migrated to: https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security ([https](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) result 200). * http://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol ([https](https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) result 200). * http://en.wikipedia.org/wiki/Man-in-the-middle_attack with 2 occurrences migrated to: https://en.wikipedia.org/wiki/Man-in-the-middle_attack ([https](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) result 200). * http://en.wikipedia.org/wiki/Null_Object_pattern with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Null_Object_pattern ([https](https://en.wikipedia.org/wiki/Null_Object_pattern) result 200). * http://en.wikipedia.org/wiki/SRV_record with 2 occurrences migrated to: https://en.wikipedia.org/wiki/SRV_record ([https](https://en.wikipedia.org/wiki/SRV_record) result 200). * http://en.wikipedia.org/wiki/Same-origin_policy with 1 occurrences migrated to: https://en.wikipedia.org/wiki/Same-origin_policy ([https](https://en.wikipedia.org/wiki/Same-origin_policy) result 200). * http://en.wikipedia.org/wiki/Session_fixation with 6 occurrences migrated to: https://en.wikipedia.org/wiki/Session_fixation ([https](https://en.wikipedia.org/wiki/Session_fixation) result 200). * http://example.com with 8 occurrences migrated to: https://example.com ([https](https://example.com) result 200). * http://example.com/ with 1 occurrences migrated to: https://example.com/ ([https](https://example.com/) result 200). * http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice with 2 occurrences migrated to: https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice ([https](https://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice) result 200). * http://flywaydb.org/ with 1 occurrences migrated to: https://flywaydb.org/ ([https](https://flywaydb.org/) result 200). * http://getbootstrap.com/docs/4.0/examples/signin/signin.css with 1 occurrences migrated to: https://getbootstrap.com/docs/4.0/examples/signin/signin.css ([https](https://getbootstrap.com/docs/4.0/examples/signin/signin.css) result 200). * http://gradle.org with 1 occurrences migrated to: https://gradle.org ([https](https://gradle.org) result 200). * http://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ with 2 occurrences migrated to: https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/ ([https](https://hackademix.net/2009/11/21/ies-xss-filter-creates-xss-vulnerabilities/) result 200). * http://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html with 2 occurrences migrated to: https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html ([https](https://joshlong.com/jl/blogPost/tech_tip_geting_started_with_spring_boot.html) result 200). * http://jquery.com/ with 1 occurrences migrated to: https://jquery.com/ ([https](https://jquery.com/) result 200). * http://knockoutjs.com/ with 1 occurrences migrated to: https://knockoutjs.com/ ([https](https://knockoutjs.com/) result 200). * http://marketplace.eclipse.org/content/anyedit-tools with 1 occurrences migrated to: https://marketplace.eclipse.org/content/anyedit-tools ([https](https://marketplace.eclipse.org/content/anyedit-tools) result 200). * http://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html with 1 occurrences migrated to: https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html ([https](https://maven.apache.org/guides/introduction/introduction-to-dependency-mechanism.html) result 200). * http://openid.net with 1 occurrences migrated to: https://openid.net ([https](https://openid.net) result 200). * http://openid.net/ with 1 occurrences migrated to: https://openid.net/ ([https](https://openid.net/) result 200). * http://openid.net/certification/ with 4 occurrences migrated to: https://openid.net/certification/ ([https](https://openid.net/certification/) result 200). * http://openid.net/connect/ with 4 occurrences migrated to: https://openid.net/connect/ ([https](https://openid.net/connect/) result 200). * http://openid.net/specs/openid-attribute-exchange-1_0.html with 3 occurrences migrated to: https://openid.net/specs/openid-attribute-exchange-1_0.html ([https](https://openid.net/specs/openid-attribute-exchange-1_0.html) result 200). * http://openid.net/specs/openid-connect-core-1_0.html with 50 occurrences migrated to: https://openid.net/specs/openid-connect-core-1_0.html ([https](https://openid.net/specs/openid-connect-core-1_0.html) result 200). * http://openid.net/specs/openid-connect-session-1_0.html with 2 occurrences migrated to: https://openid.net/specs/openid-connect-session-1_0.html ([https](https://openid.net/specs/openid-connect-session-1_0.html) result 200). * http://sizzlejs.com/ with 2 occurrences migrated to: https://sizzlejs.com/ ([https](https://sizzlejs.com/) result 200). * http://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time with 1 occurrences migrated to: https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time ([https](https://spring.io/blog/2009/01/03/spring-security-customization-part-2-adjusting-secured-session-in-real-time) result 200). * http://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/ (301) with 1 occurrences migrated to: https://spring.io/blog/2010/03/06/behind-the-spring-security-namespace/ ([https](https://blog.springsource.com/2010/03/06/behind-the-spring-security-namespace/) result 200). * http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ (301) with 1 occurrences migrated to: https://spring.io/blog/2010/08/02/spring-security-in-google-app-engine/ ([https](https://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/) result 200). * http://spring.io/projects with 1 occurrences migrated to: https://spring.io/projects ([https](https://spring.io/projects) result 200). * http://spring.io/services with 1 occurrences migrated to: https://spring.io/services ([https](https://spring.io/services) result 200). * http://stackoverflow.com/questions/tagged/spring-security with 1 occurrences migrated to: https://stackoverflow.com/questions/tagged/spring-security ([https](https://stackoverflow.com/questions/tagged/spring-security) result 200). * http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html with 2 occurrences migrated to: https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html ([https](https://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html) result 200). * http://tools.ietf.org/html/rfc6797 with 15 occurrences migrated to: https://tools.ietf.org/html/rfc6797 ([https](https://tools.ietf.org/html/rfc6797) result 200). * http://tools.ietf.org/html/rfc7469 with 18 occurrences migrated to: https://tools.ietf.org/html/rfc7469 ([https](https://tools.ietf.org/html/rfc7469) result 200). * http://vimeo.com/34436402 with 1 occurrences migrated to: https://vimeo.com/34436402 ([https](https://vimeo.com/34436402) result 200). * http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ with 1 occurrences migrated to: https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/ ([https](https://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails/) result 200). * http://www.ja-sig.org/cas (301) with 1 occurrences migrated to: https://www.apereo.org ([https](https://www.ja-sig.org/cas) result 200). * http://ehcache.sourceforge.net (301) with 2 occurrences migrated to: https://www.ehcache.org/ ([https](https://ehcache.sourceforge.net) result 200). * http://www.html5rocks.com/en/tutorials/security/content-security-policy/ with 2 occurrences migrated to: https://www.html5rocks.com/en/tutorials/security/content-security-policy/ ([https](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) result 200). * http://www.ietf.org/rfc/rfc2396.txt with 3 occurrences migrated to: https://www.ietf.org/rfc/rfc2396.txt ([https](https://www.ietf.org/rfc/rfc2396.txt) result 200). * http://www.ietf.org/rfc/rfc2617.txt with 1 occurrences migrated to: https://www.ietf.org/rfc/rfc2617.txt ([https](https://www.ietf.org/rfc/rfc2617.txt) result 200). * http://www.liquibase.org/ with 1 occurrences migrated to: https://www.liquibase.org/ ([https](https://www.liquibase.org/) result 200). * http://www.openbsd.org/papers/bcrypt-paper.ps with 1 occurrences migrated to: https://www.openbsd.org/papers/bcrypt-paper.ps ([https](https://www.openbsd.org/papers/bcrypt-paper.ps) result 200). * http://www.springframework.org/schema/aop/spring-aop-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/aop/spring-aop-2.5.xsd ([https](https://www.springframework.org/schema/aop/spring-aop-2.5.xsd) result 200). * http://www.springframework.org/schema/beans/spring-beans-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-2.5.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-2.5.xsd) result 200). * http://www.springframework.org/schema/beans/spring-beans-3.0.xsd with 2 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans-3.0.xsd ([https](https://www.springframework.org/schema/beans/spring-beans-3.0.xsd) result 200). * http://www.springframework.org/schema/beans/spring-beans.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/beans/spring-beans.xsd ([https](https://www.springframework.org/schema/beans/spring-beans.xsd) result 200). * http://www.springframework.org/schema/context/spring-context-2.5.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/context/spring-context-2.5.xsd ([https](https://www.springframework.org/schema/context/spring-context-2.5.xsd) result 200). * http://www.springframework.org/schema/mvc/spring-mvc.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/mvc/spring-mvc.xsd ([https](https://www.springframework.org/schema/mvc/spring-mvc.xsd) result 200). * http://www.springframework.org/schema/security/spring-security.xsd with 3 occurrences migrated to: https://www.springframework.org/schema/security/spring-security.xsd ([https](https://www.springframework.org/schema/security/spring-security.xsd) result 200). * http://www.springframework.org/schema/websocket/spring-websocket.xsd with 1 occurrences migrated to: https://www.springframework.org/schema/websocket/spring-websocket.xsd ([https](https://www.springframework.org/schema/websocket/spring-websocket.xsd) result 200). * http://www.test.com with 9 occurrences migrated to: https://www.test.com ([https](https://www.test.com) result 200). * http://www.thymeleaf.org with 25 occurrences migrated to: https://www.thymeleaf.org ([https](https://www.thymeleaf.org) result 200). * http://www.thymeleaf.org/ with 3 occurrences migrated to: https://www.thymeleaf.org/ ([https](https://www.thymeleaf.org/) result 200). * http://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd with 1 occurrences migrated to: https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd ([https](https://www.thymeleaf.org/dtd/xhtml1-strict-thymeleaf-spring4-3.dtd) result 200). * http://www.thymeleaf.org/whatsnew21.html with 1 occurrences migrated to: https://www.thymeleaf.org/whatsnew21.html ([https](https://www.thymeleaf.org/whatsnew21.html) result 200). * http://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html with 2 occurrences migrated to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec15.html) result 200). * http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html with 1 occurrences migrated to: https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html ([https](https://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html) result 200). * http://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html with 1 occurrences migrated to: https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html ([https](https://www.w3.org/TR/2003/WD-DOM-Level-3-Events-20030331/ecma-script-binding.html) result 200). * http://www.w3.org/TR/2011/REC-css3-selectors-20110929/ with 2 occurrences migrated to: https://www.w3.org/TR/2011/REC-css3-selectors-20110929/ ([https](https://www.w3.org/TR/2011/REC-css3-selectors-20110929/) result 200). * http://www.w3.org/TR/CSS21/syndata.html with 1 occurrences migrated to: https://www.w3.org/TR/CSS21/syndata.html ([https](https://www.w3.org/TR/CSS21/syndata.html) result 200). * http://www.w3.org/TR/selectors/ with 3 occurrences migrated to: https://www.w3.org/TR/selectors/ ([https](https://www.w3.org/TR/selectors/) result 200). * http://www.youtube.com/watch?v=3mk0RySeNsU with 2 occurrences migrated to: https://www.youtube.com/watch?v=3mk0RySeNsU ([https](https://www.youtube.com/watch?v=3mk0RySeNsU) result 200). * http://api.jquery.com/jQuery.browser with 1 occurrences migrated to: https://api.jquery.com/jQuery.browser ([https](https://api.jquery.com/jQuery.browser) result 301). * http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx with 1 occurrences migrated to: https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-iv-the-xss-filter.aspx) result 301). * http://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx with 2 occurrences migrated to: https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx ([https](https://blogs.msdn.com/b/ie/archive/2008/09/02/ie8-security-part-vi-beta-2-update.aspx) result 301). * http://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx with 2 occurrences migrated to: https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx ([https](https://blogs.msdn.com/b/ieinternals/archive/2011/01/31/controlling-the-internet-explorer-xss-filter-with-the-x-xss-protection-http-header.aspx) result 301). * http://code.google.com/p/openid-selector/ with 3 occurrences migrated to: https://code.google.com/p/openid-selector/ ([https](https://code.google.com/p/openid-selector/) result 301). * http://contributor-covenant.org with 1 occurrences migrated to: https://contributor-covenant.org ([https](https://contributor-covenant.org) result 301). * http://contributor-covenant.org/version/1/3/0/ with 1 occurrences migrated to: https://contributor-covenant.org/version/1/3/0/ ([https](https://contributor-covenant.org/version/1/3/0/) result 301). * http://dev.w3.org/csswg/cssom/ with 1 occurrences migrated to: https://dev.w3.org/csswg/cssom/ ([https](https://dev.w3.org/csswg/cssom/) result 301). * http://docs.spring.io with 1 occurrences migrated to: https://docs.spring.io ([https](https://docs.spring.io) result 301). * http://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html with 1 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/testing.html) result 301). * http://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html with 7 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/html/websocket.html) result 301). * http://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971 (301) with 1 occurrences migrated to: https://forum.spring.io/showthread.php?102783-How-to-use-hasIpAddress&p=343971 ([https](https://forum.springsource.org/showthread.php?102783-How-to-use-hasIpAddress&p=343971) result 301). * http://help.github.com/set-up-git-redirect with 1 occurrences migrated to: https://help.github.com/set-up-git-redirect ([https](https://help.github.com/set-up-git-redirect) result 301). * http://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ with 1 occurrences migrated to: https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_ ([https](https://helpful.knobs-dials.com/index.php/Component_returned_failure_code:_0x80040111_) result 301). * http://jquery.org/license with 1 occurrences migrated to: https://jquery.org/license ([https](https://jquery.org/license) result 301). * http://msdn.microsoft.com/en-us/library/dd565647 with 4 occurrences migrated to: https://msdn.microsoft.com/en-us/library/dd565647 ([https](https://msdn.microsoft.com/en-us/library/dd565647) result 301). * http://msdn.microsoft.com/en-us/library/ie/gg622941 with 5 occurrences migrated to: https://msdn.microsoft.com/en-us/library/ie/gg622941 ([https](https://msdn.microsoft.com/en-us/library/ie/gg622941) result 301). * http://openid.net/get/ with 2 occurrences migrated to: https://openid.net/get/ ([https](https://openid.net/get/) result 301). * http://openid.net/what/ with 2 occurrences migrated to: https://openid.net/what/ ([https](https://openid.net/what/) result 301). * http://technorati.com/people/technorati/ with 2 occurrences migrated to: https://technorati.com/people/technorati/ ([https](https://technorati.com/people/technorati/) result 301). * http://twitter.github.com/bootstrap/javascript.html with 13 occurrences migrated to: https://twitter.github.com/bootstrap/javascript.html ([https](https://twitter.github.com/bootstrap/javascript.html) result 301). * http://www.jasig.org/cas with 1 occurrences migrated to: https://www.jasig.org/cas ([https](https://www.jasig.org/cas) result 301). * http://www.modernizr.com/ with 1 occurrences migrated to: https://www.modernizr.com/ ([https](https://www.modernizr.com/) result 301). * http://www.opensource.org/licenses/mit-license.php with 1 occurrences migrated to: https://www.opensource.org/licenses/mit-license.php ([https](https://www.opensource.org/licenses/mit-license.php) result 301). * http://www.oracle.com/technetwork/java/javase/downloads with 1 occurrences migrated to: https://www.oracle.com/technetwork/java/javase/downloads ([https](https://www.oracle.com/technetwork/java/javase/downloads) result 301). * http://www.springframework.org/security with 1 occurrences migrated to: https://www.springframework.org/security ([https](https://www.springframework.org/security) result 301). * http://www.springsource.com/ with 2 occurrences migrated to: https://www.springsource.com/ ([https](https://www.springsource.com/) result 301). * http://www.springsource.org with 1 occurrences migrated to: https://www.springsource.org ([https](https://www.springsource.org) result 301). * http://www.springsource.org/sts with 1 occurrences migrated to: https://www.springsource.org/sts ([https](https://www.springsource.org/sts) result 301). * http://www.thoughtcrime.org/software/sslstrip/ with 1 occurrences migrated to: https://www.thoughtcrime.org/software/sslstrip/ ([https](https://www.thoughtcrime.org/software/sslstrip/) result 301). * http://www.w3.org/TR/css3-selectors/ with 2 occurrences migrated to: https://www.w3.org/TR/css3-selectors/ ([https](https://www.w3.org/TR/css3-selectors/) result 301). * http://www.w3.org/TR/css3-syntax/ with 1 occurrences migrated to: https://www.w3.org/TR/css3-syntax/ ([https](https://www.w3.org/TR/css3-syntax/) result 301). * http://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ with 2 occurrences migrated to: https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/ ([https](https://docs.spring.io/spring/docs/current/spring-framework-reference/htmlsingle/) result 302). * http://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html with 1 occurrences migrated to: https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html ([https](https://download.oracle.com/javase/1.4.2/docs/guide/security/jaas/spec/com/sun/security/auth/login/ConfigFile.html) result 302). * http://example2.com with 3 occurrences migrated to: https://example2.com ([https](https://example2.com) result 302). * http://flickr.com/ with 2 occurrences migrated to: https://flickr.com/ ([https](https://flickr.com/) result 302). * http://git-scm.com/book/cs/ch7-3.html with 1 occurrences migrated to: https://git-scm.com/book/cs/ch7-3.html ([https](https://git-scm.com/book/cs/ch7-3.html) result 302). * http://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd with 1 occurrences migrated to: https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd ([https](https://java.sun.com/dtd/web-jsptaglibrary_1_2.dtd) result 302). * http://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/naming/directory/DirContext.html) result 302). * http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html with 4 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/Callback.html) result 302). * http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302). * http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/NameCallback.html) result 302). * http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html ([https](https://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/callback/PasswordCallback.html) result 302). * http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html ([https](https://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html) result 302). * http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html with 2 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/callback/CallbackHandler.html) result 302). * http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html with 1 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/Configuration.html) result 302). * http://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html with 2 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html ([https](https://java.sun.com/j2se/1.5.0/docs/api/javax/security/auth/login/LoginContext.html) result 302). * http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html with 3 occurrences migrated to: https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html ([https](https://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html) result 302). * http://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd with 1 occurrences migrated to: https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd ([https](https://java.sun.com/xml/ns/j2ee/web-jsptaglibrary_2_0.xsd) result 302). * http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd with 1 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_2_5.xsd) result 302). * http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd with 2 occurrences migrated to: https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ([https](https://java.sun.com/xml/ns/javaee/web-app_3_0.xsd) result 302). * http://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx with 1 occurrences migrated to: https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx ([https](https://msdn.microsoft.com/en-us/library/ms680857%28VS.85%29.aspx) result 302). * http://spring.io/spring-security with 1 occurrences migrated to: https://spring.io/spring-security ([https](https://spring.io/spring-security) result 302). * http://spring.io/spring-security/ with 2 occurrences migrated to: https://spring.io/spring-security/ ([https](https://spring.io/spring-security/) result 302). * http://spring.io/tools/sts with 1 occurrences migrated to: https://spring.io/tools/sts ([https](https://spring.io/tools/sts) result 302). * http://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt with 2 occurrences migrated to: https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt ([https](https://tools.ietf.org/draft/draft-behera-ldap-password-policy/draft-behera-ldap-password-policy-09.txt) result 302). * http://webauth.stanford.edu/manual/mod/mod_webauth.html with 1 occurrences migrated to: https://webauth.stanford.edu/manual/mod/mod_webauth.html ([https](https://webauth.stanford.edu/manual/mod/mod_webauth.html) result 302). * http://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context with 1 occurrences migrated to: https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context ([https](https://weblogs.java.net/blog/driscoll/archive/2009/09/08/eval-javascript-global-context) result 302). * http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt with 1 occurrences migrated to: https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt ([https](https://www.ietf.org/internet-drafts/draft-ietf-ldapbis-authmeth-19.txt) result 302). # Ignored These URLs were intentionally ignored. * http://java.sun.com/JSP/Page with 14 occurrences * http://java.sun.com/jsp/jstl/core with 31 occurrences * http://java.sun.com/jsp/jstl/fmt with 6 occurrences * http://java.sun.com/jsp/jstl/functions with 1 occurrences * http://java.sun.com/jstl/core with 1 occurrences * http://java.sun.com/xml/ns/j2ee with 2 occurrences * http://java.sun.com/xml/ns/javaee with 6 occurrences * http://localhost with 20 occurrences * http://localhost/ with 6 occurrences * http://localhost/Test</value></property&gt with 1 occurrences * http://localhost/appcontext/page with 1 occurrences * http://localhost/authenticated with 1 occurrences * http://localhost/authentication/login with 2 occurrences * http://localhost/authorize/oauth2/code/registration-id with 3 occurrences * http://localhost/authorize/oauth2/implicit/registration-3 with 1 occurrences * http://localhost/callback/client-1 with 1 occurrences * http://localhost/callback/client-1?error=invalid_grant with 1 occurrences * http://localhost/client-1 with 9 occurrences * http://localhost/cookie with 1 occurrences * http://localhost/cookie/delete with 1 occurrences * http://localhost/custom-login with 1 occurrences * http://localhost/custom-logout with 1 occurrences * http://localhost/form-page with 1 occurrences * http://localhost/iss with 1 occurrences * http://localhost/issuer with 2 occurrences * http://localhost/login with 38 occurrences * http://localhost/login/oauth2/code/ with 4 occurrences * http://localhost/login/oauth2/code/pkce-client-registration-id& with 1 occurrences * http://localhost/login/oauth2/code/registration-id with 3 occurrences * http://localhost/login/oauth2/code/registration-id& with 2 occurrences * http://localhost/login/oauth2/code/registration-id-2 with 2 occurrences * http://localhost/login/openid with 1 occurrences * http://localhost/login2 with 1 occurrences * http://localhost/loginPage with 2 occurrences * http://localhost/logout with 1 occurrences * http://localhost/messages with 4 occurrences * http://localhost/oauth2/authorization/google with 1 occurrences * http://localhost/openid-page with 1 occurrences * http://localhost/saved-request with 1 occurrences * http://localhost/secured with 2 occurrences * http://localhost/signin with 1 occurrences * http://localhost/some-url with 1 occurrences * http://localhost/tosave with 1 occurrences * http://localhost/user with 1 occurrences * http://localhost:123456 with 3 occurrences * http://localhost:1280/certs with 1 occurrences * http://localhost:314 with 1 occurrences * http://localhost:4080 with 1 occurrences * http://localhost:543 with 1 occurrences * http://localhost:8080 with 16 occurrences * http://localhost:8080/ with 4 occurrences * http://localhost:8080/SomeService with 1 occurrences * http://localhost:8080/contacts with 1 occurrences * http://localhost:8080/login/oauth2/code with 1 occurrences * http://localhost:8080/login/oauth2/code/client-id with 2 occurrences * http://localhost:8080/login/oauth2/code/facebook with 2 occurrences * http://localhost:8080/login/oauth2/code/github with 2 occurrences * http://localhost:8080/login/oauth2/code/google with 4 occurrences * http://localhost:8080/login/oauth2/code/okta with 2 occurrences * http://localhost:8080/path/page.html?query=string with 1 occurrences * http://localhost:8080/sample/ with 15 occurrences * http://localhost:8080/secure with 1 occurrences * http://localhost:8080/spring-security-samples-tutorial/listAccounts.html with 4 occurrences * http://localhost:8080/spring-security-samples-tutorial/post.html?id=1 with 4 occurrences * http://localhost:9080/protected with 2 occurrences * http://localhost:9080/secured with 1 occurrences * http://localhost:9080/unsecured with 1 occurrences * http://localhost:9080/user with 1 occurrences * http://test.com with 1 occurrences * http://test.foobar.com with 1 occurrences * http://testopenid.com?openid.return_to= with 1 occurrences * http://www.springframework.org/schema/aop with 2 occurrences * http://www.springframework.org/schema/beans with 8 occurrences * http://www.springframework.org/schema/context with 2 occurrences * http://www.springframework.org/schema/mvc with 2 occurrences * http://www.springframework.org/schema/security with 45 occurrences * http://www.springframework.org/schema/security/spring-security- with 1 occurrences * http://www.springframework.org/schema/websocket with 2 occurrences * http://www.springframework.org/security/tags with 17 occurrences * http://www.springframework.org/tags with 12 occurrences * http://www.springframework.org/tags/form with 14 occurrences * http://www.w3.org/1999/XSL/Transform with 1 occurrences * http://www.w3.org/1999/xhtml with 26 occurrences * http://www.w3.org/2001/XMLSchema with 15 occurrences * http://www.w3.org/2001/XMLSchema-datatypes with 8 occurrences * http://www.w3.org/2001/XMLSchema-instance with 9 occurrences
2019-03-20 12:53:23 +08:00
For example, many applications will have a load balancer that responds to request for https://example.com/ by forwarding the request to an application server at https://192.168.1:8080
Without proper configuration, the application server will not know that the load balancer exists and treat the request as though https://192.168.1:8080 was requested by the client.
Document Proxy Server Issue gh-4076
2016-10-18 10:07:57 +08:00
To fix this you can use https://tools.ietf.org/html/rfc7239[RFC 7239] to specify that a load balancer is being used.
To make the application aware of this, you need to either configure your application server aware of the X-Forwarded headers.
Fix Broken Links in Docs Closes gh-9869
2021-06-05 02:19:57 +08:00
For example Tomcat uses the https://tomcat.apache.org/tomcat-8.0-doc/api/org/apache/catalina/valves/RemoteIpValve.html[RemoteIpValve] and Jetty uses https://www.eclipse.org/jetty/javadoc/jetty-9/org/eclipse/jetty/server/ForwardedRequestCustomizer.html[ForwardedRequestCustomizer].
fix typo "RemoteIpValve"
2016-11-15 11:00:02 +08:00
Alternatively, Spring 4.3+ users can leverage https://github.com/spring-projects/spring-framework/blob/v4.3.3.RELEASE/spring-web/src/main/java/org/springframework/web/filter/ForwardedHeaderFilter.java[ForwardedHeaderFilter].
Document OAuth2 Client behind proxy and redirect_uri Fixes gh-7312
2019-08-29 18:00:04 +08:00
Spring Boot users may use the `server.use-forward-headers` property to configure the application.
Update a broken link to Spring Boot documentation
2021-08-16 19:59:54 +08:00
See the https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#howto.webserver.use-behind-a-proxy-server[Spring Boot documentation] for further details.