search

phusion / passenger

A fast and robust web server and application server for Ruby, Python and Node.js
https://www.phusionpassenger.com/
MIT License
4.98k stars 547 forks source link

HTTP3/QUIC breaks passenger Python apps ( Nginx + HTTP3 + Passenger ) #2522

Open Raidm404 opened 4 months ago

Raidm404 commented 4 months ago

Hello, I am testing Passenger with Nginx on http3/quic and it breaks the Python Django apps.

Testing Environment

  1. Os - Ubuntu 22.04
  2. Nginx - 1.25.3 built with OpenSSL 3.1.5+quic and nginx mod_passenger
  3. Passgener - 6.0.20
  4. Python 3.9 + Django 4
  5. in Django, settings add ALLOWED_HOSTS=['site.com']

Error Logs in Nginx

App 3440018 output:     response = get_response(request)
App 3440018 output:   File "/home/xxxx/lib/python3.9/site-packages/django/utils/deprecation.py", line 133, in __call__
App 3440018 output:     response = self.process_request(request)
App 3440018 output:   File "/home/xxxx/lib/python3.9/site-packages/django/middleware/common.py", line 48, in process_request
App 3440018 output:     host = request.get_host()
App 3440018 output:   File "/home/xxxx/lib/python3.9/site-packages/django/http/request.py", line 150, in get_host
App 3440018 output:     raise DisallowedHost(msg)
App 3440018 output: django.core.exceptions.DisallowedHost: Invalid HTTP_HOST header: '127.0.0.1:3000'. You may need to add '127.0.0.1' to ALLOWED_HOSTS.
App 3440018 output: [ pid=3440018, time=2024-02-10 04:08:48,300 ]: Bad Request: /

Don't add 127.0.0.1 in ALLOWED_HOSTS on Django settings, which will still result in replacing all links with 127.0.0.1 instead of the domain name

The same application will work on http2 If you like to see the Nginx configuration of http3, please have a look at https://nginx.org/en/docs/quic.html

I can also find a similar issue on the rack session https://github.com/rack/rack/discussions/2039

Raidm404 commented 4 months ago

Here is the Nginx passenger configuration.

    location / {                
        log_not_found  off;
        client_max_body_size 2000m;
        client_body_buffer_size 512k;
         # Python WSGI
        passenger_enabled on;
        passenger_app_type wsgi;
        passenger_python /home/site/XXX/bin/python3;
        passenger_startup_file wsgi.py;        
        passenger_user site;
        passenger_group site;
        # To test for production or development
        passenger_app_env production; 
    }
Raidm404 commented 4 months ago

Settings the following headers in Passenger configuration fixed this issue

passenger_set_header Host $host;
passenger_set_header X-Forwarded-For $proxy_add_x_forwarded_for;