Override URL Helper schema to be HTTPS always

OrchardCMS / OrchardCore

Orchard Core is an open-source modular and multi-tenant application framework built with ASP.NET Core, and a content management system (CMS) built on top of that framework.

https://orchardcore.net

BSD 3-Clause "New" or "Revised" License

7.43k stars 2.4k forks source link

Override URL Helper schema to be HTTPS always #10328

Open xperiandri opened 3 years ago

xperiandri commented 3 years ago

Is your feature request related to a problem? Please describe.

If you put Orchard Core website under the reverse proxy where the proxy communicates with Orchard Core website via HTTP but serves it to the world by HTTPS all the links (especially SEO-related) become invalid (pointing to HTTP although page served from HTTPS).

Describe the solution you'd like

An option that allows enabling the overriding scheme to be HTTPS always for any HTTP request.

Describe alternatives you've considered

Communicate with HTTPS from nginx to Orchard Core website. But it adds unnecessary overhead.

sebastienros commented 3 years ago

The reverse proxy middleware is enabled by default in ASP.NET (and Orchard Core), however it will only be active if your settings are configured to do so, either in the appsettings.json or the environment variable.

c.f. https://docs.microsoft.com/en-us/aspnet/core/host-and-deploy/proxy-load-balancer?view=aspnetcore-5.0#forward-the-scheme-for-linux-and-non-iis-reverse-proxies

Maybe we should add this in the default appsettings, commented, with an explanation on why to configure it.

hyzx86 commented 2 years ago

Maybe we should add this in the default appsettings, commented, with an explanation on why to configure it.

Yes, and it should only be enabled by the default site. The tenant should not manage the reverse proxy settings It should be a function that only the site owner can manage