Wrong URL in DRF for images when running through Loophole

tl-its-umich-edu / canvas-app-explorer

A Web application that presents a list of Canvas external (LTI) tools with details. When integrated within Canvas, the user can search for specific LTI tool(s), and add or remove those tools from Canvas courses.

Apache License 2.0

4 stars 6 forks source link

Wrong URL in DRF for images when running through Loophole #159

Closed jonespm closed 2 years ago

jonespm commented 2 years ago

When running in Loophole, images are having the URL https://127.0.0.1 instead of the original URL. It looks like the solution is to set

USE_X_FORWARDED_HOST=True in the config

This should be fine to use for all settings, though may need to be configurable.

ssciolla commented 2 years ago

Relevant docs: https://docs.djangoproject.com/en/4.0/ref/settings/#use-x-forwarded-port

Django says "This should only be enabled if a proxy which sets this header is in use." Does this also describe our deployment environments? If so, this is probably fine; otherwise, we should make it configurable. It can default to True if you want.

jonespm commented 2 years ago

I haven't tested it on Openshift. I could make it configurable just incase. I know that this was an issue we wanted to look at for X-FORWARDED-FOR on https://github.com/tl-its-umich-edu/remote-office-hours-queue/issues/359 but that's a slightly different issue. I do know that one did work.