IssueTracker

Project: platform/frameworks/support
Branch: androidx-main

commit b6c7c78f9e7476b468dafe9d5f7dec6794d47f09
Author: Shahd AbuDaghash <shahddaghash@google.com>
Date:   Mon Nov 27 11:16:51 2023

    Introduce DecayAnimation in AnchoredDraggable
   
    Decay animation allows more realistic settling of a component. This is performed by now passing a `DecayAnimationSpec` parameter to AnchoredDraggable and using it when animating to the target. The new animation implementation will be added in a chain CL.
   
    Bug: 288084801
    Test: Tests will be added in a chain CL
    Relnote: This change adds a `decayAnimationSpec` parameter to AnchoredDraggable allowing to use decay animation when settling to one of the anchors. The change also includes renaming the existing `animationSpec` to `snapAnimationSpec` to help understanding the use case of each spec.
    Change-Id: I44ccd408d919328fd6504d31d8db59cf1d07de43

M       compose/foundation/foundation/api/current.txt
M       compose/foundation/foundation/api/restricted_current.txt
M       compose/foundation/foundation/samples/src/main/java/androidx/compose/foundation/samples/AnchoredDraggableSample.kt
M       compose/foundation/foundation/src/androidInstrumentedTest/kotlin/androidx/compose/foundation/anchoredDraggable/AnchoredDraggableGestureTest.kt
M       compose/foundation/foundation/src/androidInstrumentedTest/kotlin/androidx/compose/foundation/anchoredDraggable/AnchoredDraggableStateTest.kt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/AnchoredDraggable.kt

https://android-review.googlesource.com/2847074

Project: platform/frameworks/support
Branch: androidx-main

commit 365993d1a90c27704b71f6bee042a1749314a4b1
Author: Shahd AbuDaghash <shahddaghash@google.com>
Date:   Tue Nov 28 10:49:56 2023

    Add tests for Animation in AnchoredDraggable
   
    Added tests to check for different settling behaviors.
   
    Bug: 288084801
    Test: Added tests to verify behavior.
    Change-Id: I369b30c69f7c29f676ae0671fef25c38ff3c74cb

M       compose/foundation/foundation/src/androidInstrumentedTest/kotlin/androidx/compose/foundation/anchoredDraggable/AnchoredDraggableStateTest.kt

https://android-review.googlesource.com/2847475

Project: platform/frameworks/support
Branch: androidx-main

commit ff1a600df5f4d8ae21a75d8e3e0f24d6c5c2faee
Author: Shahd AbuDaghash <shahddaghash@google.com>
Date:   Mon Nov 27 15:51:12 2023

    Modify settle function to perform decay animation if possible
   
    When settling, a check will be performed to see if natural decay animation can be used. If not so, a target animation will be used. The consumed velocity is returned to the settle function, which could be used to show an overscroll effect.
   
    Bug: 288084801
    Test: Tests will be added in a chain CL.
    Relnote: This change introduces a new `animateToWithDecay` function that naturally decays if possible. It takes the target value and the initial velocity. The `animateTo` functions no longer takes a velocity, but passes the available velocity in `lastVelocity` to animation, as it is concerned with reaching the target. If users need to pass a certain velocity for animation, they can use `animateToWithDecay` function.
    Change-Id: I465dbd826e3969b784d08c65425f4bbda3de8493

M       compose/foundation/foundation/api/current.txt
M       compose/foundation/foundation/api/restricted_current.txt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/AnchoredDraggable.kt

https://android-review.googlesource.com/2847576

Project: platform/frameworks/support
Branch: androidx-main

commit 01142ddd5b14eb33e5145c4e72e6619a5c100fe4
Author: Shahd AbuDaghash <shahddaghash@google.com>
Date:   Thu Dec 21 12:34:00 2023

    Introduce Overscroll in AnchoredDraggable
   
    Adding overscroll support to AnchoredDraggable by giving the ability to pass a customized overscrollEffect object to AnchoredDraggable.
   
    Bug: 288084801
    Relnote: An OverscrollEffect has been introduced to allow for custom overscroll effects in anchoredDraggable. To retrieve the consumed velocity after animation, the consumed velocity is returned from the settle function.
    Test: Added tests to verify behavior
    Change-Id: I100683fe7473b1e5ff317ab22245a2b0a25bd549

M       compose/foundation/foundation/api/current.txt
M       compose/foundation/foundation/api/restricted_current.txt
M       compose/foundation/foundation/integration-tests/foundation-demos/src/main/java/androidx/compose/foundation/demos/AnchoredDraggableDemo.kt
M       compose/foundation/foundation/samples/src/main/java/androidx/compose/foundation/samples/AnchoredDraggableSample.kt
A       compose/foundation/foundation/src/androidInstrumentedTest/kotlin/androidx/compose/foundation/anchoredDraggable/AnchoredDraggableOverscrollTest.kt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/AnchoredDraggable.kt

https://android-review.googlesource.com/2888106

Project: platform/frameworks/support
Branch: androidx-main

commit 0f071d797bccf7eff2a23e408928ca76640af782
Author: Shahd AbuDaghash <shahddaghash@google.com>
Date:   Wed Nov 29 18:34:09 2023

    Migrates AnchoredDraggable to Modifier.Node
   
    Migrates AnchoredDraggable to Modifier.Node. This helps in adding Overscroll effect in AnchoredDraggable.
   
    Bug: 288084801
    Test: Added tests to verify behavior
    Change-Id: I3f3338cd71763972c4b70f2e06c97e85285b0035

M       compose/foundation/foundation/src/androidInstrumentedTest/kotlin/androidx/compose/foundation/anchoredDraggable/AnchoredDraggableGestureTest.kt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/AnchoredDraggable.kt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/Draggable.kt
M       compose/foundation/foundation/src/commonMain/kotlin/androidx/compose/foundation/gestures/Draggable2D.kt

https://android-review.googlesource.com/2852691

Any body out there??? We need this to be able to use HTTPS Load Balancing.

Can we have a timeframe for this please.

There is a couple line work around you can do in your web server that I've posted.

if ($http_x_forwarded_proto = "http") {
  return 301 https://$host$request_uri;
}

that's really important, google. for all of us. please give us an update

I would also like this feature since without it  I am required to run a web server on my app servers, or add another layer to my stack.

I'm not sure how the work around would work in this situation. If the backend is pointed at port 443, it will never hit the listen on port 80 to redirect.

could someone provide what the frontend -> lb -> backend setup looks like to support the listed work around?

I guess it assumes there is no https backend. The load balancer forwards both http and https to a http backend. If the forward came from http the value for http_x_forwarded_proto is http and you know you can redirect to https.

If you're using apache this is a convenient mod rewrite setup

# allow for healthcheck to occur
RewriteCond %{REQUEST_URI} !^/healthcheck.html
# redirect http to https
RewriteCond %{HTTP:X-Forwarded-Proto} !https [OR]
# redirect www to non www (if you want)
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

[Comment deleted]

I would love to have this feature implemented; in the meantime, this is our workaround (apache 2.4) (similar to the one posted above)

# allow the google healthcheck
RewriteCond %{HTTP_USER_AGENT} !(^GoogleHC) [OR]
RewriteCond %{REQUEST_URI} !^/healthcheck.html
# redirect to https
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Any update on this?  I don't understand the workaround.  Here's the issue I'm facing:

My domain xyz.com

When I setup a load balancer (either TCP or http(s)), when I choose which ports to put on my front end, I can only pick one port at time, and then that front end gets its own IP address (autogenerated, can't edit it), so like this:

FrontEnd1: https  1.2.3.4:443
FrontEnd2: http:   3.4.5.6:80

Ok, so now what do I put in cloud DNS?  Which IP do I assign to xyz.com?  Seems I would need to have two domain names and have one host just sit there and redirects http://xyz.com to something like http://secure.xyz.com.  I really need http://xyz.com redirected to https://xyz.com, but I don't see how that can work the my http front end has to have a different IP than my https front end.

I think I'm missing something really obvious -- this is so common.

sorry, xyz.com was just an example, not really my domain.

You just need to chose the same IP address for both Global Forwarding front ends. You generate a Static one not ephemeral. That won't fix the issue of redirection thought. @dp@berry.ai

No work around when using backend buckets.  Status update please.

+1 on this. This is another issue that prevents BAA covered customers from using the L7 LB.

Thanks and godspeed to whomever this was assigned to on 2017-04-24.

I would really like this too...

Just in case the number of reports makes a difference - this would be exceedingly useful for us as well, in using the LB for SSL termination. Please consider adding this capability.

Same as
Just in case the number of reports makes a difference - this would be exceedingly useful for us as well, in using the LB for SSL termination. Please consider adding this capability.

While I agree that there are simple-enough workarounds for the classic backend-services (by reacting on the X-Forwarded-Proto header) this has become more important with the general availability of backend buckets. It's really unfortunate that one has to set up a different backend infrastructure for the http-path (namely using something like nginx as a backend service which does nothing but redirect http to https) to be able to get https-redirects to work on a domain where all you want to do is serve static files from a cloud storage bucket…

It would be really great to get a status update on this issue.

I tried to setup a backendservice to 443(https) port and I surprised when it didn't work and check the configuration again the port had been changed to 80 in the backendservice configuration. I also tried to create on single backendservice adding both ports as per documentation, (80,443) and it get changed to (80,80).
My backendservice is running https(nginx) as all the requests to port 80 are redirected to 443 but it just doesn't work with LB. Removing LB out of the picture everything works fine, directly accessing my server. However, I wanted to have LB to use the instance group autoscale. So, I may have to created a micro instance with ngnix to just do the LB there.. ouch.

+1 To this issue.

Especially with Google's recent push for a secure web, this would be exceedingly useful for SSL termination and HTTP->HTTPS redirection.
While you could theoretically do this app-side, it would further reduce the load on the servers and handle it "at the gate" so to speak.
As it is, this is a severe limitation of using the LB-as-a-service feature.

We brought this up to a Google rep and he had the following to say: "there is no firm plan/timeline for this feature being implemented. However, they (the LB team) will be revisiting prioritization of new features soon during Q3 planning."
If you find this important let your voice be heard!

+1 to this issue.

It is sad to see that it has been 1.5 years since this issue is filed. I have a django 1.11 based web site and I followed the GKE docs and deployed the django app on container engine cluster. I need a load balancer with SSL termination and I want to allow only HTTPS traffic so I need the HTTPS redirect. Static files are on GCS so I didn't deploy another web server, using gunicorn. I had mixed success setting the redirect in Django. Currently when I only set SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https'), on staging cluster somehow the redirect works so I assume the load balancer is handling that, but on production cluster which has the same configs, it does not work.

I followed the instructions at https://cloud.google.com/container-engine/docs/tutorials/http-balancer, where for HTTPS termination it points to https://kubernetes.io/docs/concepts/services-networking/ingress/#tls. Then HTTPS itself works great if sites are reached with https://... When I tried SECURE_SSL_REDIRECT on django setting, it gives 50X error. Just like nginx controller, by default, if we set a SSL certificate GCE ingress controller should automatically redirect HTTP traffic to HTTPS. Why should I end up creating another cluster for nginx ingress controller?

+1 to this issue.

+1 to this issue.

+1

I have managed to redirect http to https after add this string in nginx.conf

if ($http_x_forwarded_proto = "http") {
  return 301 https://$host$request_uri;
}


But I got weird thing, my https website showed default nginx test page in /usr/share/nginx/html

Even though, I setup listen 443 to document root /var/www/html in nginx.conf

Any help appreciated

Thanks

+1 to this issue.

Our team's perspective is that a redirect happening at the Load Balancer level is ideal. We would love to see the feature implemented, as it would save us a lot of effort in configuring redirects either at the web server or application layer.

Thanks,
- Eric Geiger

+1 for this feature, ideally enabled per virtual host/path and not globally, so that some hosts/paths get redirected and others don't.

My use case for selective redirection is the Let's Encrypt ACME protocol for issuing/renewing TLS certificates automatically. It does require http enabled on a subpath of the domain, to verify ownership before issuing a certificate for it.

Regarding Let's Encrypt you could use the DNS challenge instead. This is
how we are using it. Works great.
On Fri, Jul 7, 2017 at 07:04 <buganizer-system@google.com> wrote:

+1 for this feature.

Need it.

For me the best way to implement this would be having HSTS on the load balancer, as tracked in issue 62051227: https://issuetracker.google.com/issues/62051227

+1!

This is a must feature especially when you have storage bucket based backend services;

It's interesting that I can deploy a reverse proxy such as Traefik and this is enabled out of the box, however when trying to use the Google HTTP(s) Load Balancer it doesn't support it. Please implement.

+1!

+1!

+1

+1

+1 This is a potential blocker for customers wanting to lift and shift from other cloud providers that have this feature.

+1

How does one know when this feature will be released? What does p2 priority and s2 severity mean?

+1

+1

+1

+1  This would be greatly appreciated!

We too would like to see this implemented. Having to setup another reverse proxy (like Nginx or Apache) behind the GLB just to do that is suboptimal.

We'd really like to see this implemented ASAP! Workarounds at the webserver level are not as secure as at the loadbalancer level!

Hello, is there any update about this ? 2 LB front ( 80 + 443 ) 1 Static IP, pointing to the same backend service. all backend instance already configured to return 301 http->https, but when testing using http:// ... it doesn't redirect to https://

thank you.

+1

+1 from the backend buckets consumer. Please make it a priority. Thanks!

If you are doing an HTTP to HTTPS redirect inside your application or nginx, make sure you are using static IP set up for both HTTP and HTTPS load balancer frontends. Don't use two different ephemeral IP.

Then the redirect should work correctly.

+1 essential for using buckets in order to deploy single page apps securely

I have a webapp running on a GCE instance with an Apache proxy in front of it. I was able to solve this by:
* Creating a single http backend
* Creating an http frontend and an https frontend attached to the same static IP
* A VirtualHost configuration along the lines of:

<VirtualHost *:80>
  ServerName my.app.domain
  <If "%{HTTP:X-Forwarded-Proto} -strcmatch 'http'">
    Redirect / https://my.app.domain:443/
  </If>
  ProxyRequest Off
  ProxyPass / ...
  ProxyPassReverse / ...
  ...
</VirtualHost>

Hi all,

I am also facing same problem.

How to auto redirect http to https on apache tomcat and my ssl configured on top of load balancing.
can any one guide me.

thanks
srikanta

+1
We need this for a bucket backend, to redirect all http requests to https requests.

+1 It's been almost two years and this is not an unreasonable request; in fact it's becoming more of a necessity.

This should have been a feature before marking load balancing and making it publicly available.

+1 please make this soon

+1

+1 as the overhead of setting up the redirect behind load balancer is just too much

+1 for best user experience and security

+1 please

I have locked this issue for comments. If you can please use the "Me too!" button above to show interest. you can also comment and post at out user voice location.

https://googlecloudplatform.uservoice.com/forums/302616-load-balancing/suggestions/31951531-allow-http-to-redirect-to-https-automatically

My apologies please click the star next to the issue id and right above the "x people have starred this issue." if you are also interested in this feature.

Hello,

Can I please get any update on this feature request? Since I have a customer at the moment who is asking for it and he's considering on changing to another provider just because of this.

I'd appreciate any type of update or news about it.

Thanks in advance.

Are there any updates on this ?

Another ping on progress.

Team,
I had a customer ask about this today. Is there any update we can provide them?

Thanks,
Jose

+1 for another customer flagging this issue to me today. I have clicked the +1 button above and will direct them to the user voice location as well.

Thanks for any updates.

+ 1 if any updates.

+1 if any update please
Kind regards,

+1 if any update please

Thanks,
JW

+1 for update

+1 on update

+1 on the update please!

+1

+1

Please any considerable update on this feature request?
Thanks

Thank you for your patience on this issue.  The feature is currently in testing and we expect to enter Alpha phase before the end of January.  Our PM team will have an announcement with more details as we get closer to the Alpha launch.

Hi Dave,
I have a customer who is interested in getting one of their projects whitelisted for the HTTP->HTTPS redirect alpha. Are we able to sign up customers today? If so, can you let me know the next step?

Thanks,
Jose

Hello Team,

We have an Alpha available for HTTP(S) Load Balancing URL Rewrites and Redirects.  All Alpha terms apply. You need to be white-listed for the alpha. Please contact your Sales Representative or Account Team for more information.

We are proactively working on collecting feedback for the Alpha and will then open it up for public use without any white-listing.

Thank you

Thanks Babi and Dave.  We hit by this bug/feature in every project we did in past two years because HTTP to HTTPs is a common need.  It's great to see we are making progress.

HTTP(S) Load Balancing Rewrites and Redirects support is now in General Availability.
 
Here are the related documentation links :

https://cloud.google.com/load-balancing/docs/https/traffic-management

https://cloud.google.com/load-balancing/docs/https/setting-up-traffic-management

https://cloud.google.com/load-balancing/docs/features#routing_and_traffic_management

Thank you for your engagement. Please reach out if you have questions.

Thanks Babi for the update!

I'm wondering if there's a way to codify the HTTP to HTTPS redirection for GKE Ingress?

remove comment

Hello,

I'm wondering too if there's any way to do that redirection with GKE Ingress.

A customer of mine wants to use it via GKE Ingress and is having some issues.

Thanks!

Looking forward to answer too. My customer is using nginx-ingress on GKE because of this. They are also suffering performance issue. If our Cloud LoadBalancer could support rewrite-target, it would be AWESOME!