Subdomain fetch causing redirect loop

When I’m fetching a non-proxied subdomain within the same DNS zone, I get a redirect loop.

For example, if my worker script is deployed on https://testing.example.com/ and I try to fetch https://api.example.com/test, I will get an error that reads:

TypeError: Too many redirects.; urlList = https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test, https://api.example.com/test

Running curl https://api.example.com/test does not yield a redirect loop so it is not a problem with the api service.

This behaviour only happens when deployed, it works as expected in the editor. It also works as expected when deployed on the *.worker.dev subdomain.

I also tried the resolveOverride trick in the fetch options, but the same thing happens.

Note: the api host is actually a 4th level subdomain, but I don’t think it’ll make a difference.

EDIT: Actually, it doesn’t seem like the fact that it is non-proxied matters.

EDIT 2: It looks like the requests are being converted to http internally and the api service is enforcing https by redirecting to https. I confirmed this by setting up an https server but disabled port 80.

So it turned out to be somewhat of a configuration issue.

My SSL mode is set to flexible because of a legacy service. What I didn’t realize is that this forces all origin requests to be insecure. I was able to make things work with a page rule, but it’d be nice to see an override in the fetch options like resolveOverride.