Always set X-Forwarded-Proto


If your Rack application (and probably other types of applications) lives behind a reverse proxy, always set an X-Forwarded-Proto request header. I recently ran into an issue where Rack::Session (which I’m using for an OAuth1.0a server-side login flow) wouldn’t let me set a secure cookie because it didn’t think I was serving a secure web site.

I have forwardfor disabled in my HAproxy config because I’m using PROXY protocol to talk to Varnish. Manually adding the X-Forwarded-Proto header to the request fixed the issue, and now I want those three hours of my life back! Hopefully this comes up in someone else’s frantic googling at some point in the future and saves them a similar headache.

Yes, Virginia, the rMBP does have optical out

There’s been some question and debate around the interwebs about whether or not the new MacBook Pro with Retina display has an optical out or not. Pretty much every Mac released for the past ten years or so has provided digital audio output via the 3.5 mm stereo jack, requiring a mini-TOSLINK cable or adapter to utilize. However, the Apple does not list such functionality on the rMBP tech specs, leading to some speculation about whether Apple has decided to EOL this feature.

Here’s some pretty definitive proof that the feature is in fact still available and ready to go, courtesy of a Monoprice mini-TOSLINK adapter. Ooh, shiny red glow. Do not look directly into laser with remaining eye.