Adding TLS/SSL support to your Perl web application could cause a headache if
it's not embedded in your web server. The most popular solution is to use an ssl
tunnel in front of your server that transparantly encrypts/decrypts messages. In
order to tell Plack application that TLS/SSL tunnel is used at least two
special HTTP headers
X-Forwarded-Proto must be set.
The problem is that a well-known tunneling application
stunnel does not
This is not a problem if you don't need to know if you run under TLS/SSL. You
even don't have to care in your templates about
because you can use these urls:
// will be automatically replaced by the current protocol.
The problem arrises when you have to use WebSockets for example (either raw or
as a part of Socket.IO suite). This way you have to change not only protocol url
wss:// but also WebSocket-specific HTTP headers.
In order to solve this problem I've written a simple TLS/SSL tunnel in
AnyEvent that supports
X-Forwarded-Proto headers and plays nicely with
Plack::Middleware::SocketIO. The source code is available on GitHub
https://github.com/vti/app-tlsme. One thing that stops me from releasing it
on CPAN is a small bug in the current AnyEvent, but the patch that fixes the
problem will be shipped with the next AnyEvent release. I hope this will happen