Skip to content
Permalink
Browse files

Fix insecure asset loading with web proxy enabled

This issue is well described in this post:
https://discuss.overhang.io/t/reverse-proxy-and-mixed-content-issue/86

When WEB_PROXY=True and ACTIVATE_HTTPS=True the containerized nginx sets
an incorrect value for X-Forwarded-Proto.
  • Loading branch information...
regisb committed Jul 7, 2019
1 parent eb91030 commit c431fb81ffd919388fe76664ac2d9624e5c676ed
@@ -4,6 +4,7 @@ Note: Breaking changes between versions are indicated by "💥".

## Latest

- [Bugfix] Fix insecure static asset loading when web proxy is enabled
- [Improvement] Rename ``SECRET_KEY`` configuration parameter to ``OPENEDX_SECRET_KEY``
- [Improvement] Add support for TLS in external SMTP server (#231)
- [Bugfix] Fix missing video transcripts in LMS (#229)
@@ -10,7 +10,7 @@

setup(
name="tutor-minio",
version="0.0.2",
version="0.0.3",
url="https://docs.tutor.overhang.io/",
project_urls={
"Documentation": "https://docs.tutor.overhang.io/",
@@ -24,9 +24,11 @@ server {
client_max_body_size 0;

location / {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;

@@ -10,7 +10,7 @@

setup(
name="tutor-notes",
version="0.0.1",
version="0.0.2",
url="https://docs.tutor.overhang.io/",
project_urls={
"Documentation": "https://docs.tutor.overhang.io/",
@@ -24,9 +24,11 @@ server {
server_tokens off;

location / {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;

@@ -26,9 +26,11 @@ server {
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;

location @proxy_to_cms_app {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;

@@ -26,9 +26,11 @@ server {
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;

location @proxy_to_lms_app {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;

0 comments on commit c431fb8

Please sign in to comment.
You can’t perform that action at this time.