Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use X-Forwarded-Host as url_root when present #799

Merged

Conversation

marekful
Copy link
Contributor

@marekful marekful commented Jun 28, 2022

If whoogle is behind a proxy which is accessed on a non-standard port, this port is lost to the application and element['src']s are incorrectly formed (omitting port). The port is also missing when redirecting after new session.

E.g. some unrelated service is running on example.com:80/443 and Nginx listens on example.com:5000 proxying to whoogle which listens on some host 5001. In this case, request.url_root doesn't include the front port 5000 which is expected by the client (browser) to render img.src correctly.

HTTP X-Forwarded-Host will contain this front port number in a typical Nginx reverse proxy configuratoin, e.g.

server {
    listen 5000;
    listen [::]:5000;
    server_name whoogle.example.com;
    ...
    location ~ /(search|) {
            proxy_pass http://10.0.8.14:5001;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-Host $http_host; # will forward https://whoogle.example.com:5000/
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_redirect off;
    }
}

marekful added 6 commits June 28, 2022 09:04
If Whoogle is accessed on a non-standard port _and_ proxied,
this port is lost to the application and `element['src']`s are
incorrectly formed (omitting port).

HTTP x-Forwarded-Host will conain this front port number in
a typical Nginx reverse proxy configuratoin.
@benbusby benbusby merged commit ee2d372 into benbusby:main Jul 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants