search

plantuml / plantuml-server

PlantUML Online Server
https://plantuml.com/
GNU General Public License v3.0
1.6k stars 463 forks source link

PlantUML behind reversed proxy and regression between v1.2021.12 and v1.2021.14 (most probably v1.2021.13) #219

Closed komapa closed 1 year ago

komapa commented 2 years ago

Something between these two versions https://github.com/plantuml/plantuml-server/compare/v1.2021.12...v1.2021.14, the behavior was broken for passing --module=http-forwarded which is needed for plantuml-server to be able to properly handle being behind a TLS load balancer. See https://github.com/plantuml/plantuml-server/issues/163

docker run -p 8080:8080 plantuml/plantuml-server:jetty-v1.2021.12 --module=http-forwarded
❯ curl -v http://localhost:8080/ -H "Forwarded: proto=https"
*   Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.79.1
> Accept: */*
> Forwarded: proto=https
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Location: https://localhost:8080/uml/SyfFKj2rKt3CoKnELR1Io4ZDoSa70000
< Content-Length: 0
< Server: Jetty(9.4.43.v20210629)
<
* Connection #0 to host localhost left intact
docker run -p 8080:8080 plantuml/plantuml-server:jetty-v1.2021.14 --module=http-forwarded
❯ curl -v http://localhost:8080/ -H "Forwarded: proto=https"
*   Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.79.1
> Accept: */*
> Forwarded: proto=https
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Location: http://localhost:8080/uml/SyfFKj2rKt3CoKnELR1Io4ZDoSa70000
< Content-Length: 0
< Server: Jetty(11.0.7)
<
* Connection #0 to host localhost left intact

Notice how the newer version returns Location: http://localhost:8080/uml/SyfFKj2rKt3CoKnELR1Io4ZDoSa70000 and not https:// as it should and what the older version returns.

Using 2021.14 because docker: Error response from daemon: manifest for plantuml/plantuml-server:jetty-v1.2021.13 not found: manifest unknown: manifest unknown

Do you have any ideas?

komapa commented 2 years ago

Another thing to point out is that the versions after jetty-v1.2021.12 do not seem to handle or pass linux signals properly either as you will see, you cannot CTRL-C from running the newer version of the docker container.

dirk-olmes commented 1 year ago

f08db467c8e5ff4ac21a737abd9d4c21c8f8fc49 added the call to generate-jetty-start.sh to the build phase in the Dockerfile. Since jetty.start now exists in the image it is used to start jetty without further processing of additional arguments.

I'm not sure how to fix this, though. From f08db467c8e5ff4ac21a737abd9d4c21c8f8fc49's commit message it seems that the generation of jetty.start was a deliberate choice to support containers with read only filesystems.

HeinrichAD commented 1 year ago

For documentation purpose:

There exists multiple examples now: