Reverse Proxy Protocol not respected

Open viperidae opened this issue 8 years ago • 0 comments

GateOne doesn't respect the X-Scheme HTTP header when running being an SSL terminating reverse proxy. This makes the Google Auth fail, as the redirect URI is generated with http:// instead of https://

The following patch will fix:

diff --git a/gateone/core/server.py b/gateone/core/server.py
index 94d7c7e..9b943e6 100755
--- a/gateone/core/server.py
+++ b/gateone/core/server.py
@@ -4420,7 +4420,7 @@ def main(installed=True):
             go_settings[option] = options[option]
     https_server = tornado.httpserver.HTTPServer(
         GateOneApp(settings=go_settings, web_handlers=web_handlers),
-        ssl_options=ssl_options)
+        ssl_options=ssl_options, xheaders=True)
     https_redirect = tornado.web.Application(
         [(r".*", HTTPSRedirectHandler),],
         port=go_settings['port'],

Nov 19 '17 23:11 viperidae