Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ProxyFix should use X-Forwarded-Port #1023

Closed
davidism opened this issue Oct 23, 2016 · 6 comments

Comments

Projects
None yet
5 participants
@davidism
Copy link
Member

commented Oct 23, 2016

Reporting this against Werkzeug, ignore the fact that I keep saying Flask. ;-)

If the app is behind a proxy and the proxy is listening on a non-standard port (ex. 8080), Flask will not generate valid urls unless SERVER_PORT is changed or HTTP_HOST includes the port.

ProxyFix should set SERVER_PORT = X-Forwarded-Port, or Flask's deploy docs should add proxy_set_header Host $host:$server_port;. Not really sure which one is correct, I've seen both mentioned.

@romeojulietthotel

This comment has been minimized.

Copy link
Contributor

commented Nov 5, 2016

FYI, X- means experimental and the feature is a standard now rfc7239

@untitaker

This comment has been minimized.

Copy link
Member

commented Nov 5, 2016

Yeah we should probably support the Forwarded header as well, though I have only seen the ad-hoc standard in practice.

@untitaker

This comment has been minimized.

Copy link
Member

commented Nov 5, 2016

(Also X practically means "nonstandard", not "experimental")

@tuukkamustonen

This comment has been minimized.

Copy link

commented May 14, 2018

Normally, sites are served in default ports (80 for HTTP, 443 for HTTPS) so X-Forwarded-Port is not needed even if protocol changes. But if an application is served on a non-default port, and if X-Forwarded-Host doesn't include port (when does it?), then X-Forwarded-Port should be needed.

AWS ELB/ALB set X-Forwarded-Port these days (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/x-forwarded-headers.html, https://forums.aws.amazon.com/thread.jspa?messageID=738145). I assume that also means that X-Forwarded-Host will NOT include the port, so support for X-Forwarded-Port should be added.

@c4milo

This comment has been minimized.

Copy link

commented Oct 12, 2018

I just finished chasing a very annoying issue with application's redirects breaking because the external port was not being picked up by ProxyFix. X-Forwarded-Port should be supported. This is especially important inside enterprise environments.

@untitaker

This comment has been minimized.

Copy link
Member

commented Oct 12, 2018

@c4milo This issue is already closed. X-Forwarded-Port is supported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.