Reverse Proxy Support - Githubissues

devfake / flox

Self Hosted Movie, Series and Anime Watch List

https://flox-demo.pyxl.dev/

MIT License

1.29k stars 190 forks source link

Reverse Proxy Support #148

Open Protinon opened 4 years ago

Protinon commented 4 years ago

I had trouble getting Flox to run using a reverse proxy, especially over https. I'm not a php developer but I did some researching and found a solution that worked for me. The documentation says it introduces a security risk so I feel there should be a better solution. Has anyone else run into this issue?

Here's an article on the Laravel website that explains the issue. On that article they mention an external php package (fideloper/proxy) that allows for easy configuration of trusted proxies. I haven't tried setting that up because I'm not familiar enough with php.

The solution I had success with is mentioned on this page. I added the following code to public/index.php and it loaded successfully. I tried replacing 'REMOTE_ADDR' with '127.0.0.1' but that didn't work.

Request::setTrustedProxies(
    ['REMOTE_ADDR'],
    Request::HEADER_X_FORWARDED_PROTO
);

calgara12 commented 4 years ago

Hey, I have the same problem. But I can't get it to work. I tried adding

Request::setTrustedProxies(
    ['REMOTE_ADDR'],
    Request::HEADER_X_FORWARDED_PROTO
);

to my index.php, but I just get the error:

Undefined class constant 'HEADER_X_FORWARDED_PROTO'Uncaught Error: Call to a member function send() on bool in /var/www/html/backend/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php:123 Stack trace: #0 /var/www/html/backend/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/HandleExceptions.php(100): Illuminate\Foundation\Bootstrap\HandleExceptions->renderHttpResponse(Object(Symfony\Component\Debug\Exception\FatalThrowableError)) #1 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleException(Object(Symfony\Component\Debug\Exception\FatalThrowableError)) #2 {main} thrown

Any help would be greatly appreciated

devfake commented 4 years ago

@calgara12 Did you import the namespace for the Request class?

\Symfony\Component\HttpFoundation\Request::setTrustedProxies(
  ['REMOTE_ADDR'],
  \Symfony\Component\HttpFoundation\Request::HEADER_X_FORWARDED_PROTO
);

D3v01dZA commented 3 years ago

So I have this working but have not made a PR since I lack the knowledge (and local setup on Windows) on how to make it configurable from the .env file.

To get this working you should be able to copy what's in this branch https://github.com/devfake/flox/compare/master...D3v01dZA:test

All that's required is to activate the middleware, it seems that it is already required by composer somewhere (I think laravel requires it by default but I'm not certain).

Edit: Its normally not advised to use * for the trusted proxies :)

coalwater commented 3 years ago

So I use nginx and php7.4-fpm and I was able to fix this issue ( assets not loading because they are using http ) by adding a

fastcgi_param HTTPS on

To my php block, ie:


location ~ \.php$ {
  # ...
  fastcgi_param HTTPS on
  # ...
}