tag:help.tenderapp.com,2008-11-12:/discussions/problems/86030-cloudfront-redirect-to-cheddargettertenderappcomTender: Discussion 2018-06-04T19:00:35Ztag:help.tenderapp.com,2008-11-12:Comment/453810512018-05-31T14:09:58Z2018-05-31T22:10:19ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>Notice in the second hop that the tender cookie has been set. This feels like the redirect is occurring on the Tender end and is a consequence of the SSO.</p>
<p>Please acknowledge.</p></div>Mark Baltzegartag:help.tenderapp.com,2008-11-12:Comment/453810512018-05-31T22:10:58Z2018-05-31T22:10:58ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>do you have a redirect string encoded in the SSO?</p></div>Courtenaytag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-01T16:05:33Z2018-06-01T16:05:33ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>Hi Courtenay,</p>
<p>Thank you for investigating this.</p>
<p>I have confirmed that we are <em>not</em> including the <a href=""Mark">to" field as outlined here:</a></p>
<p><a href=""Mark">https://help.tenderapp.com/kb/customizing-your-tender-site/share-your-own-sites-authentication-with-tender</a></p>
<p><a href=""Mark">Here are two examples of the information encoded in the SSO:</a></p>
<p><a href=""Mark">{"email":"marc@getcheddar.com","expires":"Fri, 01 Jun 2018 11:54:37 -0400","name":"Marc Guyer","product":"Unit Test Product (UNIT_TEST)"}</a></p>
<p><a href=""Mark">{"email":"markb@getcheddar.com","expires":"Tue, 22 May 2018 18:38:56 -0400","name</a> Baltzegar"}</p>
<p>I have also confirmed that the issue only occurs when the sso query string is present.</p></div>Mark Baltzegartag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-01T17:45:08Z2018-06-01T17:45:08ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>I've made some changes, try now! :)</p></div>Courtenaytag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-01T18:25:29Z2018-06-01T18:25:29ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>Hi Courtenay,</p>
<p>I saw a new alert message that the Multipass token was expired. However, I'm still having the issue.</p>
<p>While logged in (with a fresh browser), clicking the "View Knowledge Base" button here still exhibits the issue:</p>
<p><a href="https://www.getcheddar.com/support">https://www.getcheddar.com/support</a></p></div>Mark Baltzegartag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-01T21:36:33Z2018-06-01T21:36:33ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>the issue before was that tender wasn’t set to allow your site to use custom/arbitrary ssl; which is just a flag i set on your site. this should have fixed the issue. do you know what hostname cloudflare is sending? and when it redirects, is it the same url as before? i added an extra url parameter for some redirects that has extra debugging info in it.</p></div>Courtenaytag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-02T05:30:38Z2018-06-02T05:30:38ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>I was able to look at some logs and reproduce - it looks like cloudfront isn't sending the right host header, compared to what we normally expect and receive.</p>
<p>Tender is receiving <code>cheddargetter.tenderapp.com</code> as the hostname, which will always retain and override for the request. What you want to do is send <code>support.getcheddar.com</code> as the hostname. I know there are a few possible headers and ways to do this.. i THINK the way to do it is outlined here - <a href="https://serversforhackers.com/c/cloudfront-and-your-app">https://serversforhackers.com/c/cloudfront-and-your-app</a> - by adding 'host' to the forwarded headers whitelist</p></div>Courtenaytag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-04T15:40:40Z2018-06-04T15:40:40ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>It looks like the CloudFront interface has changed since that article. I tried adding a custom host, but was unsuccessful. I've attached a screenshot of the message from AWS and the relevant section from their documentation.</p>
<p>Is there another custom header that Tender could read from for this purpose?</p>
<p>Thanks again for your help!</p>
<p>Mark</p></div>Mark Baltzegartag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-04T18:28:58Z2018-06-04T18:28:58ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>I <em>THINK</em> this is the solution, but I'm setting up my own cloudfront distribution right now to try and figure it out: "whitelist headers" in the cache section</p>
<p><a href="https://aws.amazon.com/premiumsupport/knowledge-center/configure-cloudfront-to-forward-headers/">https://aws.amazon.com/premiumsupport/knowledge-center/configure-cl...</a></p>
<p>if this doesn't work, you might also try X-Forwarded-Host header</p></div>Courtenaytag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-04T18:41:03Z2018-06-04T18:41:03ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>Awesome! Whitelisting the cache headers appears to have worked. We'll continue to test on our end.</p>
<p>Thank you!!</p>
<p>Mark</p></div>Mark Baltzegartag:help.tenderapp.com,2008-11-12:Comment/453810512018-06-04T18:48:12Z2018-06-04T18:48:12ZCloudFront redirect to cheddargetter.tenderapp.com<div><p>OK great, I'll stop smashing my head on this awful aws UI :) Let me know if there's anything else I can help with.</p></div>Courtenay