Open joncfoo opened 6 years ago
Hi, this sounds like what was fix in https://github.com/cortesi/devd/pull/83 ?
I tracked down a bug with X-Forwarded-Proto.
When using "--cert" X-Forwarded-Proto gets set to "http" (should be "https")
Steps to reproduce:
# start web server in one terminal (netcat will do in a pinch)
nc -l 9000
# start devd in another terminal
# just use ~/.devd.cert which should be there if you have ever started devd with --tls
devd --cert=${HOME}/.devd.cert http://localhost:9000
# Make request
curl -k https://devd.io:8000
Then inspect the output from netcat. ( ctrl+C to quit netcat)
Note: the "--tls" flag sets X-Forwarded-Proto correctly.
I'm invoking
devd
with the command below and accessing my application overhttps://devd.io/
. I noticed in my application thatX-Forwarded-Proto = http
- shouldn't it behttps
since I am forwarding/=https://127.0.0.1:3000/
?Changing the following line in
reverseproxy.go
toreq.Header.Set("X-Forwarded-Proto", target.Scheme)
results inX-Forwarded-Proto
being set tohttps
(it works for my use-case but I'm not sure if this is the right fix?).https://github.com/cortesi/devd/blob/93164c9b170e00b808d34f54ff109d91b3e4d18b/reverseproxy/reverseproxy.go#L80