Bug #10789: X-forwarded-Proto required when using Reverse Proxy - Ruby master - Ruby Issue Tracking System

Actions

Copy link

Bug #10789

closed

X-forwarded-Proto required when using Reverse Proxy

Added by jbalcorn (Justin Alcorn) almost 10 years ago. Updated over 5 years ago.

Status:

Closed

Assignee:

Target version:

ruby -v:

ruby 2.0.0p353 (2013-11-22) [x86_64-linux]

Backport:

2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN

[ruby-core:67841]

Description

The Webrick library httpserver.rb makes use of the X-Forwarded-* HTTP headers when building link references for 307 responses. It also requires X-Forwarded-Proto, but this header is not added by default in Apache 2.2 mod_proxy (and possibly others). It defaults to port 80, which can result in 307 responses that redirect to URIs such as

https://host.example.com:80/url

in httprequest.rb:

@forwarded_port = (tmp || (@forwarded_proto == "https" ? 443 : 80)).to_i

ruby 2.0.0p353 (2013-11-22) [x86_64-linux] on Red Hat Enterprise Linux Server release 6.6 (Santiago)

Workaround is to put

RequestHeader set X-Forwarded-Proto "https"

int the Apache conf, but Webrick should Do The Right Thing (tm) Since the header is not present by default.

Actions

Copy link

Also available in: Atom PDF

Like0

Like0Like0

Project

General

Profile

Ruby » Ruby master

Custom queries

Bug #10789

X-forwarded-Proto required when using Reverse Proxy

Updated by jeremyevans0 (Jeremy Evans) over 5 years ago

Updated by jeremyevans0 (Jeremy Evans) over 5 years ago