Use x-forwarded-host header to determine the root url, and let user…

…s provide a full `root_path` to override the automatically determined root url (#7641) * debug * add changeset * changes * add changeset * fix * add changeset * add changeset --------- Co-authored-by: gradio-pr-bot <gradio-pr-bot@users.noreply.github.com>
gradio-app · Mar 8, 2024 · cb3999e · cb3999e
1 parent 9482c7a
commit cb3999e
Show file tree

Hide file tree

Showing 4 changed files with 61 additions and 6 deletions.
diff --git a/.changeset/polite-experts-join.md b/.changeset/polite-experts-join.md
@@ -0,0 +1,5 @@
+---
+"gradio": patch
+---
+
+fix:Use `x-forwarded-host` header to determine the root url, and let users provide a full `root_path` to override the automatically determined root url
diff --git a/gradio/blocks.py b/gradio/blocks.py
@@ -1940,7 +1940,7 @@ def launch(
             show_api: If True, shows the api docs in the footer of the app. Default True.
             allowed_paths: List of complete filepaths or parent directories that gradio is allowed to serve (in addition to the directory containing the gradio python file). Must be absolute paths. Warning: if you provide directories, any files in these directories or their subdirectories are accessible to all users of your app.
             blocked_paths: List of complete filepaths or parent directories that gradio is not allowed to serve (i.e. users of your app are not allowed to access). Must be absolute paths. Warning: takes precedence over `allowed_paths` and all other directories exposed by Gradio by default.
-            root_path: The root path (or "mount point") of the application, if it's not served from the root ("/") of the domain. Often used when the application is behind a reverse proxy that forwards requests to the application. For example, if the application is served at "https://example.com/myapp", the `root_path` should be set to "/myapp". Can be set by environment variable GRADIO_ROOT_PATH. Defaults to "".
+            root_path: The root path (or "mount point") of the application, if it's not served from the root ("/") of the domain. Often used when the application is behind a reverse proxy that forwards requests to the application. For example, if the application is served at "https://example.com/myapp", the `root_path` should be set to "/myapp". A full URL beginning with http:// or https:// can be provided, which will be used as the root path in its entirety. Can be set by environment variable GRADIO_ROOT_PATH. Defaults to "".
             app_kwargs: Additional keyword arguments to pass to the underlying FastAPI app as a dictionary of parameter keys and argument values. For example, `{"docs_url": "/docs"}`
             state_session_capacity: The maximum number of sessions whose information to store in memory. If the number of sessions exceeds this number, the oldest sessions will be removed. Reduce capacity to reduce memory usage when using gradio.State or returning updated components from functions. Defaults to 10000.
             share_server_address: Use this to specify a custom FRP server and port for sharing Gradio apps (only applies if share=True). If not provided, will use the default FRP server at https://gradio.live. See https://github.com/huggingface/frp for more information.

diff --git a/gradio/route_utils.py b/gradio/route_utils.py
@@ -28,6 +28,7 @@
 
 import anyio
 import fastapi
+import gradio_client.utils as client_utils
 import httpx
 import multipart
 from gradio_client.documentation import document
@@ -289,10 +290,15 @@ def get_root_url(
 ) -> str:
     """
     Gets the root url of the request, stripping off any query parameters, the route_path, and trailing slashes.
-    Also ensures that the root url is https if the request is https. If root_path is provided, and it is not already
-    the subpath of the URL, it is appended to the root url. The final root url will not have a trailing slash.
+    Also ensures that the root url is https if the request is https. If an absolute root_path is provided,
+    it is returned directly. If a relative root_path is provided, and it is not already the subpath of the URL,
+    it is appended to the root url. The final root url will not have a trailing slash.
     """
-    root_url = str(request.url)
+    if root_path and client_utils.is_http_url_like(root_path):
+        return root_path.rstrip("/")
+
+    x_forwarded_host = request.headers.get("x-forwarded-host")
+    root_url = f"http://{x_forwarded_host}" if x_forwarded_host else str(request.url)
     root_url = httpx.URL(root_url)
     root_url = root_url.copy_with(query=None)
     root_url = str(root_url).rstrip("/")

diff --git a/test/test_routes.py b/test/test_routes.py
@@ -1035,13 +1035,57 @@ def test_component_server_endpoints(connect):
             "",
             "https://www.gradio.app/playground",
         ),
+        (
+            "https://www.gradio.app/playground/",
+            "/",
+            "http://www.gradio.app/",
+            "http://www.gradio.app",
+        ),
     ],
 )
-def test_get_root_url(request_url, route_path, root_path, expected_root_url):
-    request = Request({"path": request_url, "type": "http", "headers": {}})
+def test_get_root_url(
+    request_url: str, route_path: str, root_path: str, expected_root_url: str
+):
+    scope = {
+        "type": "http",
+        "headers": [],
+        "path": request_url,
+    }
+    request = Request(scope)
     assert get_root_url(request, route_path, root_path) == expected_root_url
 
 
+@pytest.mark.parametrize(
+    "headers, root_path, expected_root_url",
+    [
+        ({}, "/gradio/", "http://gradio.app/gradio"),
+        ({"x-forwarded-proto": "http"}, "/gradio/", "http://gradio.app/gradio"),
+        ({"x-forwarded-proto": "https"}, "/gradio/", "https://gradio.app/gradio"),
+        ({"x-forwarded-host": "gradio.dev"}, "/gradio/", "http://gradio.dev/gradio"),
+        (
+            {"x-forwarded-host": "gradio.dev", "x-forwarded-proto": "https"},
+            "/",
+            "https://gradio.dev",
+        ),
+        (
+            {"x-forwarded-host": "gradio.dev", "x-forwarded-proto": "https"},
+            "http://google.com",
+            "http://google.com",
+        ),
+    ],
+)
+def test_get_root_url_headers(
+    headers: dict[str, str], root_path: str, expected_root_url: str
+):
+    scope = {
+        "type": "http",
+        "headers": [(k.encode(), v.encode()) for k, v in headers.items()],
+        "path": "http://gradio.app",
+    }
+    request = Request(scope)
+    assert get_root_url(request, "/", root_path) == expected_root_url
+
+
 class TestSimpleAPIRoutes:
     def get_demo(self):
         with Blocks() as demo: