Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Request URL variable for header support #6463

Closed
genert opened this issue Mar 10, 2020 · 3 comments
Closed

Request URL variable for header support #6463

genert opened this issue Mar 10, 2020 · 3 comments
Labels
resolution/duplicate status/5-frozen-due-to-age

Comments

@genert
Copy link

genert commented Mar 10, 2020
edited
Loading

With NGINX, you are able to set proxy header values with $host, $scheme and $request_uri variables:

proxy_set_header Host                    $host;
proxy_set_header X-Scheme                $scheme;
proxy_set_header X-Auth-Request-Redirect $request_uri;

Which allows you to do even fancier stuff like following (in multiple domains scenario):

proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri;

We would like to see same feature in Traefik. Currently Traefik does support $host variable and it can be done through following configuration option:

- "traefik.http.services.myservice.loadbalancer.passhostheader=true"

Traefik could add some extra configuration options to pass scheme, request uri with full redirect url as well:

- "traefik.http.services.myservice.loadbalancer.passschemeheader=true"
- "traefik.http.services.myservice.loadbalancer.passrequesturiheader=true"
- "traefik.http.services.myservice.loadbalancer.passfulluriheader=true"

However, while this could be the easiest way to go then it does not solve the underlying problem as stated by some issues (#5063).

Perhaps this could be solved by allowing to configure proxy headers dynamically just like it is done with service routes:

- "traefik.http.services.myservice.loadbalancer.passheaders=Scheme(`X-Scheme`),RequestURI(`X-Auth-Request-Redirect`),FullURI(`X-Auth-Full-Request-Redirect`)"

Where Traefik gives available methods which takes header name as parameter to be returned as header key with method's given value. This approach allows Traefik to add as many variables as it wishes for while keeping configuration option clean and clear for end-users.

This needs to be thought through... What are your opinions on this?
@genert genert mentioned this issue Mar 10, 2020
Closed
@genert
Copy link
Author

genert commented Mar 10, 2020

Or perhaps like this:

- "traefik.http.services.myservice.loadbalancer.passheaders.X-Scheme=$scheme"

or

- "traefik.http.services.myservice.loadbalancer.passheaders=Header(`X-Scheme`, Scheme()),Header(`X-Auth-Request-Redirect`, RequestUri())"

or

- "traefik.http.services.myservice.loadbalancer.passheaders.X-Scheme=Scheme()"

@kallangerard
Copy link

I agree. Lack of variables means forwardAuth and pusher/oauth_proxy2 can't work correctly together.

As it stands the 301 redirect error will take the browser to the oauth login page, but there's no way to pass the originally requested url to redirect to after success login.

@ldez
Copy link
Contributor

ldez commented Mar 11, 2020

Close in favor of #5036 - Feel free to subscribe there for updates.

@ldez ldez closed this as completed Mar 11, 2020
@traefik traefik locked and limited conversation to collaborators Apr 28, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
resolution/duplicate status/5-frozen-due-to-age
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@genert @ldez @traefiker @kallangerard