1.11.2 Form insecure using proxy

[akalderon]

Bug Description

Using NGINX proxy with SSL termination at the frontend yields connection insecure error when logging into linkace. This is not an issue in 1.11.1 nor is it an issue with any other SSL terminations on same servers.

Browser acknowledges that connection is secure by virtue of the valid SSL certificate on the front-end with the Proxy

Yielding an insecure form notification at login and a warning message that connection is insecure post credential submission requesting acknowledgment with 'Send Anyway' button. Clicking 'Send Anyway' proceeds to dashboard screen.

On iOS does not progress past login screen - just discards credentials and reloads the login screen

docker compose down, pulling 1.11.1-simple and docker compose up with no changes to compose file reverts to normal behavior with no issues on SSL offloading/termination via front-end proxy

How to reproduce

• image: linkace/linkace-simple or image: linkace/linkace:1.11.2-simple
• Default settings
• MariaDB as DB engine (connects fine as per below behavior)
• NGINX Proxy Manager acts as front-end web proxy with SSL valid certificate in place
• SSL headers added to proxy entry as per documentation (working fine on 1.11.1)
• Front-end accepts SSL connection on port 443 and proxies to linkace docker container at port 80
• Added environment variable: - TRUSTED_PROXIES=*
• Tried also with alternate .env file with added: TRUSTED_PROXIES=*
• cleared all cache via php artisan optimize:clear for good measure

Expected behavior

In 1.11.1 this was not an issue. SSL was accepted on the backend and post credentials login dashboard would show up as per normal behavior

Logs

No response

Screenshots

No response

LinkAce version

v1.11.2

Setup Method

Docker

Operating System

Linux (Ubuntu, CentOS,...)

Client details

• Mac OS Ventura 13.3
• Chrome for Mac OS
• v.111.0.5563.64 (Official Build) (arm64)

[Kovah]

Could you please confirm that your proxy is correctly configured to send the headers specified in the docs?

https://www.linkace.org/docs/v1/setup/setup-with-docker/advanced-configuration/#running-linkace-behind-a-proxy-load-balancer

[917huB]

subscribing. I'm seeing the same with TraefikEE. Will verify headers are correct.

[Kovah]

I have release a fix version. I missed the fact that trusted proxies are properly handled in the framework. Please try again with the v1.11.3.

[akalderon]

Confirmed v1.11.3 fixes the issue - thank you!