Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
HTTP Headers: X_FORWARDED_HOST vs HOST #1822
When setting up searx behind a reverse proxy configuration (e.g. filtron). We have to set some HTTP Headers. For Apache I posted my reference site here #1819 (comment) ...
I do not have much experience with HTTP, but I wonder: To work correct, searx also needs the
If it is a bug, this would be my patch ..
diff --git a/searx/webapp.py b/searx/webapp.py index aadefe6b..750ab9c5 100644 --- a/searx/webapp.py +++ b/searx/webapp.py @@ -960,6 +960,9 @@ class ReverseProxyPathFix(object): self.app = app def __call__(self, environ, start_response): + http_host = environ.get('HTTP_X_FORWARDED_HOST', None) + if http_host: + environ['HTTP_HOST'] = http_host script_name = environ.get('HTTP_X_SCRIPT_NAME', '') if script_name: environ['SCRIPT_NAME'] = script_name
I tested the patch and for me it works like a charm . But I have a doubt, because my HTTP and Flask experiences is not much.
PS: By the way, just a personal opinion. Stop using apache, it's slow and vulnerable to attacks like slow loris.
Good to know /Thanks .. with this in mind:
Apache does not overwrite the
If no one has a veto I send a PR with the patch.
PS: Thanks for your additional hints, but changing the http server isn't a option for me. I have several servers to maintain and I can't see any performance issues in my use cases.BTW I use mod_security (which is truly not the best choice and I have to think about alternatives to mod_security).
Again, I never ask about SSL, if you miss the 's' in my questions: I use HTTP without 's' to simplify the test scenarios. In production I often like to use ACME.