Closed devdicated closed 2 months ago
It looks like Thruster is not setting the "forwarded" headers.
I'd be happy to submit a PR if @kevinmcconnell wants to support them.
In the meanwhile, you could use ActionDispatch::AssumeSSL
.
Yes, that's a good point. The only X-Forwarded
header that's currently being set is X-Forwarded-For
. Setting X-Forwarded-Proto
should solve this. We should definitely do that 👍
I think instead of using NewSingleHostReverseProxy
, we should switch to using a ReverseProxy
with a Rewrite
handler, and in there we can call SetXForwarded
to populate those headers.
@3v0k4 if you're happy to create a PR for this, that would be awesome 🙏
Also, as noted above, in the meantime setting assume_ssl
along with force_ssl
will avoid the issue. That's how we've been running our apps.
Thanks for the tips, you saved me a ton of time.
I'll open a PR 🙂
Hi there,
I'm having problems with running Thruster with
force_ssl
enabled in Rails. Is this supposed to work?With the option disabled my app is loading normally, but this seems like a bad practice. If I enable the option the app keeps redirecting me to the same URL, which makes me think the proxy is not telling Rails that the connection is secure. (Maybe related to this? https://github.com/GoogleCloudPlatform/getting-started-ruby/issues/26)
Thanks!