search

getmango / Mango

Mango is a self-hosted manga server and web reader
https://getmango.app
MIT License
1.69k stars 120 forks source link

[Bug Report] Login fails when using Caddy as reverse proxy #260

Closed alethiophile closed 2 years ago

alethiophile commented 2 years ago

Describe the bug Currently trying to set up Mango behind my existing reverse proxy, which runs Caddy. While Mango works fine if set up behind nginx, it fails under Caddy; after I try to log in, I just get a redirect back to the login page.

To Reproduce Steps to reproduce the behavior:

  1. Configure mango as a reverse proxy target, using: 
    host: 127.0.0.1
port: 9000
base_url: /mango
  2. Configure caddy to forward to mango: 
    handle_path /mango/* {
reverse_proxy 127.0.0.1:9000
}
  3. Attempt to log in
  4. Fail, with no error message, but a redirect back to the login screen

Environment (please complete the following information):

Additional context Watching the network traffic, the behavior of nginx and caddy are different in many ways. Caddy uses a single connection rather than reopening per request, preserves the client's upstream Host header, automatically sets various forwarding headers, and so forth. However, caddy is a standards-compliant reverse proxy that works with any other web app. Thus, it seems Mango should support Caddy as reverse proxy in its default configuration, or at least provide documentation about what other configuration options are necessary.

Attached is the request Caddy forwards to Mango on login:

POST /login HTTP/1.1
Host: external.url.host
User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0
Content-Length: 32
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Cookie: mango-sessid-9000=ee3d76d79228507ec9663cd05b46a7ae--8e35ec560b2ed857820c9edfb45dd8702a52198c; mango-sessid-9000=6c9b142a753f69ffcd1df3b5dc65b724--072e56c602abf09a25406d479ea1bb9c1a6553ec
Origin: https://external.url.host
Pragma: no-cache
Referer: https://external.url.host/mango/login
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
Te: trailers
Upgrade-Insecure-Requests: 1
X-Forwarded-For: 192.168.1.1
X-Forwarded-Proto: https

username=admin&password=password

By comparison, the nginx version, which works:

POST /login HTTP/1.1
Connection: upgrade
Host: localhost:9000
Content-Length: 32
User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://breitenfeld.lan
Referer: http://breitenfeld.lan/mango/login
Cookie: mango-sessid-9000=6b6f490d6a4950667b06bc885d234037--5b32fe22db6dfcd1cabccefdb16a67ea41f89782
Upgrade-Insecure-Requests: 1

username=admin&password=password
hkalexling commented 2 years ago

Thanks for the detailed bug report :+1:. I don't use Caddy personally so I will need to take a look.

alethiophile commented 2 years ago

I believe I've fixed the issue. During my earlier experimentation I had somehow managed to get two different mango-sessid cookies set on different paths, as you can see in the Caddy request transcript; this was messing up the login. Clearing those cookies made the problem go away.

hkalexling commented 2 years ago

Glad to know that you got it working!