search

hstonel / gitblit

Automatically exported from code.google.com/p/gitblit
Apache License 2.0
0 stars 0 forks source link

Repository URL is wrong when using a reverse proxy #115

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Follow the guide to configure gitblit to be access behind apache configured 
as a reverse proxy in https
2. Access to a page that contains the repository url

You should see an URL with the https scheme because the external URL is https, 
but instead you see an http URL

What version of the product are you using? 1.0.0 

On what operating system? Debian

Original issue reported on code.google.com by fabio.ca...@gmail.com on 25 Jul 2012 at 11:30

GoogleCodeExporter commented 9 years ago 
Hmmm.  I'm sure you are right.  I assume you are using mod_rewrite, but that 
may only affect links and the repository URL is not currently a link.  I'm not 
sure if it should be.  Perhaps.  In the meantime, you can set web.otherUrls 
with the appropriate url but it will still display the internal link as the 
default.

Original comment by James.Mo...@gmail.com on 25 Jul 2012 at 11:52

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Well what I've done is simply following the paragraph "Running Gitblit behind 
Apache" under http://gitblit.com/setup.html and it does not use mod_rewrite but 
just mod_proxy.
I've quickly look at the source code and I see that the method 
com.gitblit.utils.HttpUtils.getGitblitURL() simply does an 
HttpServletRequest.getScheme() but I think that this will be always http if 
your apache contact gitblit in http.
Probably there should be a property web.scheme manually set to https when using 
this configuraion and th getGitblitURL() should check also this property

Original comment by fabio.ca...@gmail.com on 25 Jul 2012 at 12:37

GoogleCodeExporter commented 9 years ago 
This problem can also be seen in the demo site which sits behind a reverse 
proxy.  I'll give it some thought.  Thanks for the report.

Original comment by James.Mo...@gmail.com on 25 Jul 2012 at 2:01

GoogleCodeExporter commented 9 years ago 
I've implemented support for the http header fields X-Forwarded-Proto and 
X-Forwarded-Port in HttpUtils.getGitblitURL().  This will be part of the next 
release.

If you access the Gitblit demo site via http then you will see http repository 
urls.  If you access via https, then you will see https repository urls.  The 
demo sits behind RedHat's nginx reverse proxy and it sets X-Forwarded-Proto for 
each request.  Unfortunately at the moment it does not set X-Forwarded-Port, so 
Gitblit makes a reasonable assumption that https & 80 don't mix.  I have an 
open request to RedHat to set that header field.

For your case I believe the syntax for Apache httpd will be:

Header set X-Forwarded-Proto https
Header set X-Forwarded-Port 443

Original comment by James.Mo...@gmail.com on 2 Aug 2012 at 11:46

GoogleCodeExporter commented 9 years ago 
Thanx a lot!

The syntax for apache should be:

RequestHeader set X-Forwarded-Proto https
RequestHeader set X-Forwarded-Port 443

If you use "Header" insted "RequestHeader" X-Forwarded-Proto and 
X-Forwarded-Port are added to the response and not to the request forwarded to 
the internal server

Cheers!

Original comment by fabio.ca...@gmail.com on 3 Aug 2012 at 7:48

GoogleCodeExporter commented 9 years ago 
Thanks.  I corrected the documentation.

Original comment by James.Mo...@gmail.com on 3 Aug 2012 at 11:49

GoogleCodeExporter commented 9 years ago

Original comment by James.Mo...@gmail.com on 20 Aug 2012 at 2:06

GoogleCodeExporter commented 9 years ago 
Fix/change released in 1.1.0.

Original comment by James.Mo...@gmail.com on 25 Aug 2012 at 12:20