diff --git a/src/aphront/configuration/AphrontApplicationConfiguration.php b/src/aphront/configuration/AphrontApplicationConfiguration.php
index 1f4a9dde11..07f7a806e3 100644
--- a/src/aphront/configuration/AphrontApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontApplicationConfiguration.php
@@ -14,7 +14,7 @@ abstract class AphrontApplicationConfiguration {
 abstract public function getURIMap();
 abstract public function buildRequest();
 abstract public function build404Controller();
- abstract public function buildRedirectController($uri);
+ abstract public function buildRedirectController($uri, $external);
 
 final public function setRequest(AphrontRequest $request) {
 $this->request = $request;
@@ -96,7 +96,10 @@ abstract class AphrontApplicationConfiguration {
 $https_uri = $request->getRequestURI();
 $https_uri->setDomain($request->getHost());
 $https_uri->setProtocol('https');
- return $this->buildRedirectController($https_uri);
+
+ // In this scenario, we'll be redirecting to HTTPS using an absolute
+ // URI, so we need to permit an external redirect.
+ return $this->buildRedirectController($https_uri, true);
 }
 }
 
@@ -188,7 +191,9 @@ abstract class AphrontApplicationConfiguration {
 
 if ($controller && !$request->isHTTPPost()) {
 $slash_uri = $request->getRequestURI()->setPath($path.'/');
- return $this->buildRedirectController($slash_uri);
+
+ $external = strlen($request->getRequestURI()->getDomain());
+ return $this->buildRedirectController($slash_uri, $external);
 }
 }
 return $this->build404Controller();
diff --git a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
index 5035cae8ad..aa8c12260e 100644
--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
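Review bot: In the trailing-slash redirect hunk, `$external` becomes truthy whenever the request URI itself carries a domain, so the external-redirect check is switched off on the strength of request-derived data rather than a decision the application made. Nothing visible here confirms that the domain is one of this install's own hosts; if `getRequestURI()` can ever yield a domain taken from the request line, the slash redirect would be allowed to leave the site. Consider comparing the domain against `$request->getHost()` before permitting it, or dropping the domain and issuing a local redirect, and pass a real boolean, e.g. `$external = (bool)strlen($request->getRequestURI()->getDomain());`. The HTTPS hunk above similarly passes `true` with a domain from `$request->getHost()`, so it relies on the host having been validated earlier, which is not visible in this diff. The enclosing method starts and ends outside both hunks.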
@@ -300,11 +300,12 @@ class AphrontDefaultApplicationConfiguration
 return array(new Phabricator404Controller($this->getRequest()), array());
 }
 
- public function buildRedirectController($uri) {
+ public function buildRedirectController($uri, $external) {
 return array(
 new PhabricatorRedirectController($this->getRequest()),
 array(
 'uri' => $uri,
+ 'external' => $external,
 ));
 }
 
diff --git a/src/applications/base/controller/PhabricatorRedirectController.php b/src/applications/base/controller/PhabricatorRedirectController.php
index 19a2460e9a..d12c728e1c 100644
--- a/src/applications/base/controller/PhabricatorRedirectController.php
+++ b/src/applications/base/controller/PhabricatorRedirectController.php
@@ -3,6 +3,7 @@
 final class PhabricatorRedirectController extends PhabricatorController {
 
 private $uri;
+ private $allowExternal;
 
 public function shouldRequireLogin() {
 return false;
@@ -14,10 +15,13 @@ final class PhabricatorRedirectController extends PhabricatorController {
 
 public function willProcessRequest(array $data) {
 $this->uri = $data['uri'];
+ $this->allowExternal = idx($data, 'external', false);
 }
 
 public function processRequest() {
- return id(new AphrontRedirectResponse())->setURI($this->uri);
+ return id(new AphrontRedirectResponse())
+ ->setURI($this->uri)
+ ->setIsExternal($this->allowExternal);
 }
 
 }
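Review bot: `$allowExternal` is handed straight to `setIsExternal()` in `processRequest()`, yet neither the property nor `willProcessRequest()` documents who may set it. `setIsExternal()` is defined outside this diff, but from its name it presumably relaxes the response's check against off-site URIs, which makes the flag security-relevant for a controller that does not require login. The `idx($data, 'external', false)` default fails closed, which is the right choice; a short comment above `private $allowExternal;` would keep later callers from wiring the flag to request input, e.g. `// Permit off-site redirects; set only for URIs the application built itself.`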