brefphp / bref

Serverless PHP on AWS Lambda
https://bref.sh
MIT License

When using bref/php-82-fpm-dev the HTTP_X_FORWARDED_PORT is always 8000 #1692

Closed Gemineye closed 9 months ago

Gemineye commented 9 months ago

Description:

I use bref/php-82-fpm-dev behind an nginx server to develop in HTTPS mode. But I always have some URLs that don't work, like the web profiler toolbar.

I have to set

    $_SERVER['HTTP_X_FORWARDED_PORT'] = '443';

in my index.php

and

    when@dev:
        framework:
            router:
              default_uri: 'https://abc.test'

How to reproduce:

This is my nginx proxy setup:

    location / {
        proxy_pass http://bref:8000;
        proxy_set_header    Host              $host;
        proxy_set_header    X-Real-IP         $remote_addr;
        proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header    X-Client-Verify   SUCCESS;
        proxy_set_header    X-Client-DN       $ssl_client_s_dn;
        proxy_set_header    X-SSL-Subject     $ssl_client_s_dn;
        proxy_set_header    X-SSL-Issuer      $ssl_client_i_dn;
        proxy_set_header    X-Forwarded-Proto https;
    }

mnapoli commented 9 months ago

Is there a reason you use nginx? That's not what is documented, I'm not sure if that could cause troubles here?

Gemineye commented 9 months ago

Hi, we have an application that needs HTTPS and uses SAML OAuth (even in DEV env with an allowed development URL xyz.test). And we see that the return URL contains the :8000 port (xyz.test:8000).

mnapoli commented 9 months ago

Got it! I'm not sure what is the root cause for that. You might want to dive into https://github.com/brefphp/local-api-gateway to see if you can spot the problem.

Gemineye commented 9 months ago

Hmm you use 'x-forwarded-port': ${request.socket.localPort}, maybe this should be a fallback if there is nothing in the request.
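
A sketch of the fallback suggested in the comment above, as an added example that is not code from brefphp/local-api-gateway: the incoming X-Forwarded-Port is honoured only when the request comes from a proxy address you listed yourself and the value is a single valid port, otherwise the socket's local port is sent as before. The function names, the trusted-proxy list and the sample addresses are assumptions made up for illustration.

```javascript
// Added example: names and sample values are hypothetical, not the gateway's API.

// Node reports IPv4 peers on dual-stack sockets as "::ffff:a.b.c.d".
function normalizeAddress(address) {
  return typeof address === 'string' ? address.replace(/^::ffff:/i, '') : '';
}

// Accept exactly one decimal port in 1..65535. Repeated headers (arrays) and
// comma-joined lists are ambiguous, so they are rejected instead of guessed at.
function parsePort(raw) {
  if (typeof raw !== 'string' || !/^[0-9]{1,5}$/.test(raw.trim())) return undefined;
  const port = Number(raw.trim());
  return port >= 1 && port <= 65535 ? port : undefined;
}

// Value to send upstream as x-forwarded-port.
function resolveForwardedPort(request, trustedProxies) {
  const peer = normalizeAddress(request.socket.remoteAddress);
  if (trustedProxies.includes(peer)) {
    const port = parsePort(request.headers['x-forwarded-port']);
    if (port !== undefined) return String(port);
  }
  // No trusted proxy, or no usable header: keep the socket-port behaviour.
  return String(request.socket.localPort);
}

// Constructed sample requests, shaped like Node's http.IncomingMessage.
function sampleRequest(remoteAddress, forwardedPort) {
  const headers = forwardedPort === undefined ? {} : { 'x-forwarded-port': forwardedPort };
  return { socket: { remoteAddress, localPort: 8000 }, headers };
}

const TRUSTED_PROXIES = ['172.18.0.2']; // constructed address of the nginx container
for (const [remote, header] of [
  ['::ffff:172.18.0.2', '443'], // trusted proxy, valid port
  ['172.18.0.2', undefined],    // trusted proxy, header not set
  ['172.18.0.2', '443, 8000'],  // ambiguous list, rejected
  ['10.9.9.9', '443'],          // direct client supplying its own header
]) {
  const port = resolveForwardedPort(sampleRequest(remote, header), TRUSTED_PROXIES);
  console.log(remote, header, '->', port);
}
```

The nginx block in the issue sets X-Forwarded-Proto but no X-Forwarded-Port, so with a fallback like this the proxy would also need a line such as `proxy_set_header X-Forwarded-Port 443;`.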

mnapoli commented 9 months ago

That might be a good idea, I haven't checked or tested though

Gemineye commented 9 months ago

I fixed my issue with setting LISTEN_PORT: 443. So it will internally forward the port 443 and we have the expected behavior. Maybe you should add this in your README.md.

Thanks for your help. I think you can close this issue.

mnapoli commented 9 months ago

A PR is always welcome 👍