Hi,
I'm using rails 1.2.5 along with nginx and mongrel_cluster to serve both encrypted and unencrypted content.
I installed the ssl_requirement plugin to force https on certain pages/ actions.
ssl_requirement works, but whenever I go from an unencrypted page on my site to an encrypted page (or vice versa) the time to render the page is HUUUGE (around 1 minute for some simple html that should normally take about 1 second to render).
e.g., if I am viewing this page: https://blahblah.com/stuff and I click on a link within that page that links to http://blahblah.com/otherstuff, my browser will churn for about 1 minute before rendering the new page.
some interesting points. 1. this does not happen when going from https to https, nor does it take place when going from http to http.
2. if I click on the hyperlink a *second* time while I'm waiting for the new page to render, it renders almost immediately (i.e. I can "coax" the new page into loading by clicking on it twice).
Any ideas as to what's causing this lag?
my nginx config file is shown below along with the top/relevant portion of my controller that uses ssl_requirement
############begin top of controller ######### class AccountController < ApplicationController layout "account" before_filter :login_from_cookie ssl_required :signup, :login ##########end top of controller ##############
##########begin nginx virtual host config file ############## # Nginx virtual host configuration file # to be included by nginx.conf # Load balance to mongrels upstream mongrel_cluster { server 0.0.0.0:8000; server 0.0.0.0:8001; server 0.0.0.0:8002; } # Begin virtual host configuration server { # Familiar HTTP settings listen 80; server_name e.com *.e.com; root /home/e2/a2/public; access_log /var/log/nginx/e.com.access.log main; error_page 500 502 503 504 /500.html; client_max_body_size 50M; # First rewrite rule for handling maintenance page if (-f $document_root/system/maintenance.html) { rewrite ^(.*)$ /system/maintenance.html last; break; } location / { index index.html index.htm; # Forward information about the client and host # Otherwise our Rails app wouldn't have access to it proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_max_temp_file_size 0; # Directly serve static content location ~ ^/(images|javascripts|stylesheets)/ { expires 10y; } if (-f $request_filename) { break; } # Directly serve cached pages if (-f $request_filename.html) { rewrite (.*) $1.html break; } # Otherwise let Mongrel handle the request if (!-f $request_filename) { proxy_pass http://mongrel_cluster; break; } } }
server {
listen 443; ssl on; #path to certificate ssl_certificate /etc/ssl/certs/myssl.crt; #path to ssl key ssl_certificate_key /etc/ssl/myssl.key;
server_name e.com *.e.com; root /home/e2/a2/public; access_log /var/log/nginx/e.com.access.log main; error_page 500 502 503 504 /500.html; client_max_body_size 50M; # First rewrite rule for handling maintenance page if (-f $document_root/system/maintenance.html) { rewrite ^(.*)$ /system/maintenance.html last; break; }
location / { index index.html index.htm; # Forward information about the client and host # Otherwise our Rails app wouldn't have access to it # set X-FORWARDED_PROTO so ssl_requirement plugin works proxy_set_header X-FORWARDED_PROTO https; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_max_temp_file_size 0; # Directly serve static content location ~ ^/(images|javascripts|stylesheets)/ { expires 10y; } if (-f $request_filename) { break; } # Directly serve cached pages if (-f $request_filename.html) { rewrite (.*) $1.html break; } # Otherwise let Mongrel handle the request if (!-f $request_filename) { proxy_pass http://mongrel_cluster; break; } }
}
