[Geoserver-devel] [JIRA] (GEOS-8240) Support X-Forwarded-Proto header in ResponseUtils.baseURL

_Failed_to_Retrieve · July 31, 2017, 10:38am

Taro Matsuzawa created an issue

Support X-Forwarded-Proto header in ResponseUtils.baseURL

Issue Type:	Bug
Affects Versions:	2.11.1
Assignee:	Unassigned
Created:	31/Jul/17 12:38 PM
Environment:	Ubuntu 16.04 + nginx + tomcat8
Priority:	Medium
Reporter:	Taro Matsuzawa

https://github.com/geoserver/geoserver/blob/master/src/ows/src/main/java/org/geoserver/ows/util/ResponseUtils.java#L427
ResponseUtils.baseURL use req.getScheme() but if tomcat run http and run inside SSL proxy server, req.getScheme() return “http”.
This problem raise mix-contents error in Layer Preview in Style Editor.
This problem will resolve to check “X-Forwarded-Proto” header.

example:

String scheme = req.getScheme();
String proto = req.getHeader("x-forwarded-proto");
StringBuffer sb = new StringBuffer();
if (proto.equals("https") &amp;&amp; !scheme.equals(proto)) {
  sb.append(proto);
} else {
  sb.append(scheme);
}

nginx config example:

  location ~* ^/geoserver/(.*) {
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_pass http://127.0.0.1:8080;
  }

Add Comment

Get JIRA notifications on your phone! Download the JIRA Cloud app here.
This message was sent by Atlassian JIRA (v1000.1145.0#100056-sha1:1309546)