coupergateway / couper

Couper is a lightweight API gateway designed to support developers in building and operating API-driven Web projects
https://couper.io
MIT License

`request.url` does not reflect the current url scheme with a tls server #703

Closed malud closed 1 year ago

malud commented 1 year ago

Describe the bug

Since #615 Couper may be used with the tls option, which leads to the following behaviour.

To Reproduce

Steps to reproduce the behavior:

  1. Which Couper version? Run `couper version` or `docker run avenga/couper version`: edge
  2. Provide your configuration file *.hcl. Remove sensitive data.
```hcl
server {
  hosts = ["*:4443"]

  tls {} #self-signed

  endpoint "/" {
    response {
      headers = {
        location = request.url
      }
    }
  }
}
```
  3. Provide a curl call for reproduction

```
curl -vk https://localhost:4443

> GET / HTTP/2
> Host: localhost:4443
> user-agent: curl/7.85.0
> accept: */*
>

< HTTP/2 200
< couper-request-id: cfej8etnsevi8b03uop0
< location: http://localhost:4443/
```

  4. See an error response or error log.

`location: http://localhost:4443/` must be `location: https://localhost:4443/`

Additional context

This also leads to wrong redirects, for example while using the oidc configuration in combination with TLS:

```hcl
headers {
  location = "${oauth2_authorization_url("oidc")}&state=${url_encode(relative_url(request.url))}"
}
```

This URL would be unknown to a configured application.
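
The behaviour the report expects, sketched with Go's `net/http` as an added example (not Couper's own code or its fix): the scheme of the rebuilt request URL follows whether the request arrived over TLS. The names `absoluteURL`, `locationFor` and `newRequest` are hypothetical, and the request values are constructed to match the reproduction above.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// absoluteURL rebuilds the absolute URL of an incoming server request.
// For origin-form requests net/http leaves r.URL.Scheme and r.URL.Host empty
// on the server side, so the scheme has to come from the connection:
// r.TLS is non-nil only when the request arrived over TLS.
func absoluteURL(r *http.Request) string {
	u := *r.URL // copy so the request itself is not modified
	u.Scheme = "http"
	if r.TLS != nil {
		u.Scheme = "https"
	}
	u.Host = r.Host
	return u.String()
}

// locationFor runs a handler that echoes absoluteURL into the Location
// header (the same shape as the endpoint in the report) and returns it.
func locationFor(r *http.Request) string {
	rec := httptest.NewRecorder()
	http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Location", absoluteURL(req))
	}).ServeHTTP(rec, r)
	return rec.Header().Get("Location")
}

// newRequest builds a constructed sample request as a server would see it.
func newRequest(overTLS bool, rawQuery string) *http.Request {
	r := &http.Request{Method: "GET", Host: "localhost:4443",
		URL: &url.URL{Path: "/", RawQuery: rawQuery}}
	if overTLS {
		r.TLS = &tls.ConnectionState{} // populated by net/http on TLS connections
	}
	return r
}

func main() {
	fmt.Println(locationFor(newRequest(true, "")))  // TLS listener
	fmt.Println(locationFor(newRequest(false, ""))) // plain HTTP listener
}
```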