redirecting to local domain

[sohaibilyas]

• using laradock to host locally
• expose share hello.test --subdomain=hello
• Auth::routes(['verify' => true]); in routes file
• $this->middleware('verified'); in controller constructor
• When I hit my public url e.g. hello.sharedwithexpose.com it redirects me to local domain hello.test

ngrok simply goes to the same public url not the local domain

[dejury]

I think this is the same issue as mentioned in #13

[sohaibilyas]

I think this is the same issue as mentioned in #13

i dont think so bcoz im using laradock to host local website and #13 is using laravel valet

[dejury]

@sohaibilyas I see. Did you try to do it like this? expose share https://hello.test

[messerli90]

I had this issue too. Even when specifying the scheme it persisted: expose share https://example.test --subdomain=example

But, when I dropped the subdomain flag it worked. I've just tried again using a 'new' subdomain and that worked too.

I don't know if it's a caching issue or what. But prepending https:// and changing my subdomain has solved the 301 Redirect issue for me

Edit: I'm using Valet

[sohaibilyas]

@dejury you might be right on #13 coz i noticed im also getting 302 redirect on terminal

i just tried expose share https://hello.test but i dont have local ssl set using laradock so maybe its not loading anything, for now its just keep loading...

[sohaibilyas]

alright i tried laradock provided ssl for local site and expose share https://hello.test --subdomain=hello works fine but still getting redirect on ssl version of local site :( https://hello.test

but one more thing if i land directly on login page like this https://hello.sharedwithexpose.com/login it works but the moment i login it redirects back to local domain login page :/

[Sebastiangperez]

I have the same problem, when i expose my app and then a use the login automatically redirects to my local domain , this is a bug or something that i have to change in laravel ?

[OwenMelbz]

We're also having the same issue using Valet on macOS

e.g.

expose - This redirects to site.localhost variant expose share https://site.localhost - This generates random subdomain but works expose share https://site.localhost --subdomain=site - This redirects to site.localhost variant

It seems when using a non-random subdomain is when it fails

Update

Turning off Valet SSL makes expose work e.g. valet unsecure - so looks like local SSLs don't work potentially?

[aaemnnosttv]

Using Valet locally, I'm seeing mixed results but it seems to be based on the site served.

Running this command:

expose share https://example.test

Then in the Expose dashboard, the Host header is showing example.test:443 which is a valid Host header, but is not the same as what is set when browsing locally: example.test.

This causes the redirect problem for WordPress sites at least as it checks the Host header for ensuring the request is using the canonical URL.

[OwenMelbz]

FYI: Have updated to 1.2.2 and can still replicate it

[euneuber]

I've installed version 1.3.0 of expose can't get it working.

I'm on Linux but cannot use Valet :-( (it says: "Valet only supports the Mac operating system." -- maybe this is because I'm using openSuse Leap 15.1)

I'd like to run expose in combination with php -S localhost:8080 but at the moment I always get redirected to 127.0.0.1:8080 ...

Is there any HowTo available? Or is this really a bug?

[Sebastiangperez]

or its a laravel bug or its expose bug, has the same problem. if i made a laravel deafult auth, afterlogin , redirects to my localhost or localdomain.

[OwenMelbz]

It’s not Laravel bug, as we tried on Craft which is Yii.

Most likely a clash between Valet and Expose.

As this has been open for a while now, potentially won’t be fixed unless people can contribute a PR? Seems Marcel has been focusing on launching some new things so maybe this will have taken a back seat for a bit

[BVBAccelm]

I am also experiencing this issue using local development on an Ubuntu OS and I am not using Valet. It is for a project that uses the Yii framework as well but it is not using Craft CMS. We extensively use redirects after the POSTing of form data so logins and every redirect seems to go back to my local domain.

[sohaibilyas]

UPDATE

i tried ngrok using this command:

ngrok http -host-header=hello.test 80

and it worked fine it didnt redirect me to local domain but used the ngrok public domain so my setup works fine using ngrok but not using expose, notice i used host header command which does the magic using ngrok anybody knows how to set host header using expose?

[4unkur]

The same bug happens on my installation: macOS, PHP7, Apache, dnsmasq (Not a Valet)
The local website is hosted on port 80 - redirecting to the local URL. Tried also with another local website which is hosted on 443 and it did not redirect. However, all the generated links are set to the local URL.

[phpcxy]

I force change the domain in AppServiceProvider

URL::forceRootUrl('http://XXX.your-domain.com');

A temporary solution

[iksaku]

My current solution is to override the Laravel APP_URL env variable when starting up my server (using php artisan serve). That way, I can specify the expose URL and I don't get redirected back to localhost

EDIT: Works for GET requests, any other type of request gets redirected to localhost.

EDIT 2: Silly me, I was missing an Accept: application/json header.

[tomb1n0]

Adding my two cents here, experiencing the same issue. I'm running a Traefik container which I use to route requests to various project containers. Expose seems to work fine apart from on redirects, see the comparison below between Expose and Ngrok:

Expose:

[tomharper:~]$ curl -I http://example-project.sharedwithexpose.com                
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 25 Oct 2020 11:23:28 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Cache-Control: no-cache, private
Location: http://example-project.test/login
Set-Cookie: example_project_session=randomstring; expires=Sun, 25-Oct-2020 13:23:28 GMT; Max-Age=7200; path=/; httponly
X-Powered-By: PHP/7.3.23
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

Ngrok:

[tomharper:~]$ curl -I http://4ccc640d9253.eu.ngrok.io/            
HTTP/1.1 302 Found
Cache-Control: no-cache, private
Content-Type: text/html; charset=UTF-8
Date: Sun, 25 Oct 2020 11:23:35 GMT
Location: http://4ccc640d9253.eu.ngrok.io/login
Server: nginx/1.19.3
Set-Cookie: example_project_session=randomstring; expires=Sun, 25-Oct-2020 13:23:35 GMT; Max-Age=7200; path=/; httponly
X-Powered-By: PHP/7.3.23

Ngrok appears to be rewriting the location header for us, if Expose could do the same thing I think this would solve my particular issue. Unforuntaely Traefik doesn't allow me to rewrite this myself from what I've been able to tell

[phpcxy]

In Laravel AppServiceProvider I add this:

if ($this->app->environment() != 'production') {
    $parse = parse_url(config('app.url'));
    request()->headers->set('host', $parse['host']);
}

APP_URL in .env is http://XXX.your-domain.com

[tomb1n0]

Thanks @phpcxy , I think I'll continue to use Ngrok in the meantime until this is fixed. If I get some time I might look into a PR :)

[Krato]

In Laravel AppServiceProvider I add this:

if ($this->app->environment() != 'production') {
    $parse = parse_url(config('app.url'));
    request()->headers->set('host', $parse['host']);
}

APP_URL in .env is http://XXX.your-domain.com

Working for me. Thanks mate

[sohaibilyas]

working temporary solution: https://github.com/beyondcode/expose/issues/24#issuecomment-716270760

thanks @phpcxy

[ghostzero]

Hey there, im quite new here, i found this project right now but also got stuck by this issue.

I think the problem is this line:

https://github.com/beyondcode/expose/blob/f5c009eaddabfe422beabe9aa726477eca0f0650/app/Server/Http/Controllers/TunnelMessageController.php#L116

IMO this must be the name of the proxy domain, like random-domain-from-expose.example.com. So that a normal application like laravel or other apps get "Host: random-domain-from-expose.example.com".

So the request to the client should be looking like this:

$request->headers->set('Host', "{$controlConnection->subdomain}.{$host}"); // Host: random-domain-from-expose.example.com
// tbh X-Original-Host and X-Forwarded-Host makes no sence, since the Host is the same.

Unfortunally, changing to this will prevent the expose server from working. I am currently still debugging why this is, but I am not familiar with this repo.

--

A better workaround in the clients application would look like this (using the x-forwarded-host...) in the AppServiceProvider (which does not require to modify the url in the .env):

public function boot()
{
        $headers = request()->headers;
        $headers->set('host', $headers->get('x-forwarded-host', $headers->get('host')));
}

Edit:

I also checked the http request headers from ngrok that the application gets. They als set the host header to they proxy domain.

[ghostzero]

I created a fix for this #173 but this would require a major release, because this will change the behaviour of the request headers.

But the current master branch is broken for me, so i cannot test this. I used git bisect to determinate the first bad commit for me:

[solarsilk]

This seems to work fine for me.

expose share https://<folder name>.test --subdomain=<another subdomain name of your choice>

eg expose share https://my-git-repo.test --subdomain=myapp

results in: Expose-URL: https://myapp.sharedwithexpose.com

[jartaud]

@solarsilk nope! still being redirected to home.

[mgip]

I have the same problem.

in my AppServiceProvider have...

        $ip_address = @$_SERVER['REMOTE_ADDR'];  <---- this is 127.0.0.1

I think that when accessing through the address generated by Expose, the server variable detects -REMOTE_ADDR- the original IP and not the hostname.

but I'm not sure if it's an expose bug or something in the laravel code.

[glspdotnet]

Fellow Laravel users,

Please see the documentation for https://github.com/fideloper/TrustedProxy (bundled with Laravel) or its well-documented config file at vendor/fideloper/proxy/config/trustedproxy.php.

If you're running Expose on the same machine that your Laravel site is being served from, you should be able to get things working by adding the following to your config/trustedproxy.php (create it if necessary):

<?php

return [
    'proxies' => '127.0.0.1',
];

Note that you may still have issues if you're explicitly binding your routes to a specific domain (by passing in the domain option to Route::group(), for instance).

Hope this helps!

[jartaud]

@glspdotnet thanks!

My problem was this package: https://github.com/ARCANEDEV/Localization. I have to comment out this group:

Route::localizedGroup(function () {
      // routes
});

// .env
PROXIES=127.0.0.1

// config/trustedproxy.php
'proxies' => env('PROXIES', null)

// Terminal
expose

The result https://my-app.sharedwithexpose.com/ is working great.

[sohaibilyas]

Fellow Laravel users,

Please see the documentation for https://github.com/fideloper/TrustedProxy (bundled with Laravel) or its well-documented config file at vendor/fideloper/proxy/config/trustedproxy.php.

If you're running Expose on the same machine that your Laravel site is being served from, you should be able to get things working by adding the following to your config/trustedproxy.php (create it if necessary):

<?php

return [
    'proxies' => '127.0.0.1',
];

Note that you may still have issues if you're explicitly binding your routes to a specific domain (by passing in the domain option to Route::group(), for instance).

Hope this helps!

Thanks @glspdotnet

[ven0ms99]

Still not working for me.