ssl.redirectHttpFromPort redirects statically to 0.0.0.0:<somePort>

[mat1010]

Kibana version:
6.4.2

Elasticsearch version:
6.4.2

Server OS version:
Centos7

Browser version:
any

Browser OS version:
any

Original install method (e.g. download page, yum, from source, etc.):
Docker container: docker.elastic.co/kibana/kibana:6.4.2
Source from download page: https://artifacts.elastic.co/downloads/kibana/kibana-6.4.2-linux-x86_64.tar.gz

Describe the bug:
Using the builtin webserver in Kibana with a configured HTTP to HTTPs redirect leads to a redirect to the configured host ip in server.host instead of the original requested ip address / the hostname which has been used by the client.

Steps to reproduce:

1. Use following kibana.yml

server.name: kibana
server.host: "0"
server.port: 5602
elasticsearch.url: http://elasticsearch:9200
xpack.monitoring.ui.container.elasticsearch.enabled: true
server.ssl.enabled: true
server.ssl.certificate: /usr/share/kibana/config/kibana.example.org.crt
server.ssl.key: /usr/share/kibana/config/kibana.example.org.key
server.ssl.redirectHttpFromPort: 5601

2. Request http://localhost:5601
3. You will be redirected to https://0.0.0.0:5602

Expected behavior:
Redirect should go to https://localhost:5602 - or whatever host / ip has been used by the client to access Kibana. Instead of config.host the target should be request.headers.host (without the port information)

Errors in browser console (if relevant):

$ curl localhost:5601 -L -I -k
HTTP/1.1 302 Found
location: https://0:5602/
content-length: 0
Date: Tue, 30 Oct 2018 21:56:43 GMT
Connection: keep-alive

HTTP/1.1 200 OK
kbn-name: kibana
kbn-xpack-sig: 51bce97448e21af6f3472085d59ec28b
cache-control: no-cache
Date: Tue, 30 Oct 2018 21:56:43 GMT
Connection: keep-alive

Provide logs and/or server output (if relevant):

{"type":"log","@timestamp":"2018-10-30T21:56:25Z","tags":["info","http","redirect","server"],"pid":1,"message":"starting HTTP --> HTTPS redirect server [0:5601]"}
{"type":"log","@timestamp":"2018-10-30T21:56:25Z","tags":["info","http","server","listening"],"pid":1,"message":"Server running at https://0:5602"}

Any additional context:
The bug seems to be caused by the following part in https_redirect_server.ts:

kibana/src/core/server/http/https_redirect_server.ts

Line 56 in 33b5de3

hostname: config.host,

My proposal for the change would be the following:
Take the host header, strip the port and redirect the client to it
It could look like this

@@ -40,7 +40,7 @@
         this.server.ext('onRequest', (request, responseToolkit) => {
             return responseToolkit
                 .redirect(url_1.format({
-                hostname: config.host,
+                hostname: ( request.headers.host.match(/:/g) ) ? request.headers.host.slice( 0, request.headers.host.indexOf(":") ) : request.headers.host,
                 pathname: request.url.pathname,
                 port: config.port,
                 protocol: 'https',

[elasticmachine]

Pinging @elastic/kibana-operations

[joshdover]

@mat1010 Thanks for the bug report! For the suggested solution, I think we'll want to use Node's URL parser for extracting the host from the header. That may help handling any strange host edge cases we haven't thought about.

[mat1010]

@joshdover Thanks for looking into this.
I'm fine with using Node's URL parser. I'm not a Javascript guy ;) The code snippet was just meant to show you the behaviour that I'd expect.

[jcarterch]

+1, this would be very useful.

[orest-gulman]

any news on that or we still forced to use a third-party solution?

[elasticmachine]

Pinging @elastic/kibana-platform (Team:Platform)

[abprash]

@joshdover @rudolf , is anyone working on this?
I'm a beginner in contributing to open source. Can I work on this?

[rudolf]

@abprash Feel free to pick this up 👍 this would be a good issue to start with contributing to Kibana. Let me know if I can help with anything.

[abprash]

@rudolf , thanks! I'll work on it.