Missing X-Forwarded-Proto header causing infinite redirect loop
vojtad opened this issue · comments
Changes in #292 broke adding X-Forwarded-Proto
header when request is passed through httputil.ReverseProxy
to origin server. The header is missing.
This creates infinite redirect loop when origin is set to always redirect to HTTPS. For example when config.force_ssl = true
is set in Rails application.
Here is a dump of headers from our Rails app after #292:
20:09:38 server.1 | {"HTTP_VERSION"=>"HTTP/1.1",
20:09:38 server.1 | "HTTP_HOST"=>"sl.test",
20:09:38 server.1 | "HTTP_USER_AGENT"=>"curl/7.77.0",
20:09:38 server.1 | "HTTP_ACCEPT"=>"*/*",
20:09:38 server.1 | "HTTP_X_FORWARDED_FOR"=>"127.0.0.1",
20:09:38 server.1 | "HTTP_ACCEPT_ENCODING"=>"gzip"}
Here is a dump of headers from our Rails app before #292:
20:10:24 server.1 | {"HTTP_VERSION"=>"HTTP/1.1",
20:10:24 server.1 | "HTTP_HOST"=>"sl.test",
20:10:24 server.1 | "HTTP_USER_AGENT"=>"curl/7.77.0",
20:10:24 server.1 | "HTTP_ACCEPT"=>"*/*",
20:10:24 server.1 | "HTTP_X_FORWARDED_FOR"=>"127.0.0.1",
20:10:24 server.1 | "HTTP_X_FORWARDED_PROTO"=>"https",
20:10:24 server.1 | "HTTP_ACCEPT_ENCODING"=>"gzip"}
Can you confirm what version of puma-dev you're running? Are you building from source? The changes in #292 haven't been released via Homebrew yet.
I built puma-dev from source from tag v0.18.0. When I rollback to building from v0.17.0 the header is back.
I am working on a failing test to help fix this issue. I should have it ready in couple of minutes.
I managed to also fix the issue in the process. Comments and suggestions to my PR are welcomed.
Resolved in v0.18.1