openanalytics / shinyproxy-rstudio-ide-demo

Running RStudio inside ShinyProxy
https://www.shinyproxy.io
16 stars 10 forks source link

Can't load RStudio in Iframe (mixed-content) #4

Open nicolas-mosch opened 2 years ago

nicolas-mosch commented 2 years ago

I configured ShinyProxy with Rstudio as described in the example. My shinyproxy host is running under https but for some reason the iframe tries to reach the url using http (see error below)

Mixed Content: The page at 'https:///sp/app/rstudio' was loaded over HTTPS, but requested an insecure frame 'http:///sp/app_directi/rstudio//auth-sign-in?appUri=%2F'. This request has been blocked; the content must be served over HTTPS.

The strange thing is I also configured JupyterLab as described here and it works with no issue, which makes me doubt that the issue is in my nginx proxy

It seems to me it's caused by this redirect to /auth-sign-in which seems to be trying http

mnazarov commented 2 years ago

Do you have DISABLE_AUTH: true in the container-env as described in README? Normally it shouldn't redirect to /auth-sign-in in this case.

nicolas-mosch commented 2 years ago

Hi @mnazarov, yes but it didn't seem to help. I did do some tests directly on the rstudio container spawned by shinyproxy however and discovered that the redirect only happens when www-root-path=/app_direct_i/rstudio/_/ is present in the rserver.conf file (via the WWW_ROOT_PATH env variable). Unfortunately omitting this property doesn't seem to be an option when running rstudio in shinyproxy as when I set WWW_ROOT_PATH to / it doesn't load at all

mnazarov commented 2 years ago

ok, but the above WWW_ROOT_PATH seems to be correct... Which rstudio image do you use? Is it the one from this repository or some custom one?

LEDfan commented 2 years ago

As @mnazarov mentioned, it's important to use the correct rstudio docker image. As you can read in the readme, RStudio 4.0.0 and later requires at least ShinyProxy 2.5.0. Can you specify which ShinyProxy and RStudio version you are using?

oskotsky commented 1 year ago

Dear All,

I could confirm. With shinyproxy-rstudio-ide-demo/nginx/AWS ELB (elastic load balancer) I see the same issue when trying to launch newer version of Rstudio:

openanalytics/shinyproxy-rstudio-ide-demo:2021.09.2_382__4.1.2: jquery.min.js:2

   Mixed Content: The page at 'https://url.net/app/rstudio' was loaded over HTTPS, but 
   requested an insecure frame 'http://url.net/app_direct_i/rstudio/_/auth-sign-in?appUri=%2F'. 
   This request has been blocked; the content must be served over HTTPS. 

However, the older version of Rstudio:

openanalytics/shinyproxy-rstudio-ide-demo:1.2.1335__3.6.0

seems to be working just fine.

In my setup shinyproxy is version 2.6.1 and DISABLE_AUTH set to true.

oskotsky commented 1 year ago

AWS support confirmed that aws elb doesn’t alter requests coming from the target back to client, thus http is returned to https client and things break. Seems like to fix the issue the solution must be found for the target (container/nginx).

oskotsky commented 1 year ago

this fixed the issue: server: forward-headers-strategy: native