https behnid reverse proxy without headers
See original GitHub issueI am attempting to run the docker container behind a reverse proxy where the certificates are terminated at the proxy and have ran into the issue described in the documentation here: https://verdaccio.org/docs/en/reverse-proxy. Verdaccio is making insecure requests to resources, such as http://mydomain.com/-/static/940.a9eeba1cb9422cea1232.js.
With my current setup it is not possible to set the proxy headers as the docs suggest.
If possible it would be very helpful to allow one of the following:
- Set a static domain/host in configuration that will be used for all resources. For example setting this config option to
https://npm.mydoman.com/
would force Verdaccio to make requests such ashttps://npm.mydomain.com.io/-/static/940.a9eeba1cb9422cea1232.js
- A configuration option to force protocolless or relative paths. If this option was set Verdaccio would make requests such as
/-/static/940.a9eeba1cb9422cea1232.js
instead of including the domain.
Issue Analytics
- State:
- Created 3 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Smuggling HTTP headers through reverse proxies
Under some conditions, it is possible to smuggle HTTP headers through a reverse proxy, even if it was explicitly unset before.
Read more >https - What's the de facto standard for a Reverse Proxy to tell ...
The proxy can add extra (or overwrite) headers to requests it receives and passes through to the back-end. These can be used to...
Read more >Apache behind nginx reverse proxy, setting the correct Host ...
This causes a problem with my application because it thinks it's running in the URL https://example-8gnm1aqrns-lz.a.run.app and not http:// ...
Read more >Using the Forwarded header - NGINX
Traditionally, an HTTP reverse proxy uses non-standard headers to inform the upstream server about the user's IP address and other request properties:.
Read more >Reverse Proxy Guide - Apache HTTP Server Version 2.4
To ensure that and Location: headers generated from the backend are modified to point to the reverse proxy, instead of back to itself,...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I see, thanks for the feedback.
ok, it was planned for the next major but I’ll include it here https://github.com/verdaccio/verdaccio/pull/2122 so stay tuned, most likely by end of the month.
I’ll close this one and let’s follow up here https://github.com/verdaccio/verdaccio/issues/1523
@devnet-io I would love to have your opinion here https://github.com/verdaccio/monorepo/issues/250 (last comment)
There are two possible configurations possible, trying to find the best one for the env variable.