nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-20 10:34:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

apache: Preserve host header when proxying to service

Browse Source 
- This allows us to perform some checks before redirecting for OpenID Connect.

Tests:

- Functional tests of many apps pass with the patch.

- OIDC related changes introduced later work due to this change.

Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
This commit is contained in:
Sunil Mohan Adapa 2025-11-21 21:40:45 -08:00 committed by James Valleroy
parent bced133d90
commit f0b1aa34ac
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
data/etc/apache2/conf-available/freedombox.conf
View File

@ -57,6 +57,7 @@
## ##
<Location /freedombox> <Location /freedombox>
ProxyPass http://127.0.0.1:8000/freedombox ProxyPass http://127.0.0.1:8000/freedombox
ProxyPreserveHost On
## Send the scheme from user's request to enable Plinth to redirect ## Send the scheme from user's request to enable Plinth to redirect
## URLs, set cookies, set absolute URLs (if any) properly. ## URLs, set cookies, set absolute URLs (if any) properly.
RequestHeader set X-Forwarded-Proto 'https' env=HTTPS RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
@ -71,6 +72,7 @@
</Location> </Location>
<Location /plinth> <Location /plinth>
ProxyPass http://127.0.0.1:8000/freedombox ProxyPass http://127.0.0.1:8000/freedombox
ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto 'https' env=HTTPS RequestHeader set X-Forwarded-Proto 'https' env=HTTPS
RequestHeader unset X-Forwarded-For RequestHeader unset X-Forwarded-For
</Location> </Location>