I use an Application Load Balancer in AWS as an API Gateway: for forwarding requests to different applications running in AWS. I have configured it with both support for HTTP and HTTPS. A HTTPS listener contains all logical rules for requests forwarding. And a HTTP listener is configured with a single rule: to redirect all traffic to the HTTPS listener ({host}:443/#{path}?#{query}) and to return 301.
HTTPS works perfectly. And HTTP works fine for GET requests. But I found that POST requests to HTTP are converted to GET requests when being redirected to HTTPS, which obviously ends up with 404.
I found online that the problem is in 301 status (https://rtfm.co.ua/en/http-redirects-post-and-get-requests-and-lost-data/#The_root_cause_3xx_redirects_and_HTTP_RFC). But unfortunately there is no option in AWS ALB rules to redirect requests and to return 307 instead of 301.
So does anyone know how I can fix this issue? Thank you!
We have a similar setup. What we do is let the HTTP request pass through to the application server There the application detects the HTTP protocol and does a software-based 301 redirect as a POST to HTTPS. This moves the specialized protocol handling from the ALB to the application itself. Works great. Any application server would be easy to set up in this way.