Forum OpenACS Development: Untrusted host header

Request notifications

Collapse
Posted by Iuri Sampaio on
How would I correct headers when running OACS (Naviserver) behind a Nginx proxy.

Indeed, 127.0.0.1 and 8443 are present /etc/config.tcl file and I have no intention to assign external IP neither 443, because NGINX is there.

set httpsport 8443
# The hostname and address should be set to actual values.
# setting the address to 0.0.0.0 means aolserver listens on all interfaces
set hostname evex.co
set address_v4 127.0.0.1

Another parameter amended is proxy_mode. I expected it'd do the whole magic.
# Are we running behind a proxy?
#set proxy_mode false
set proxy_mode true

Is there anything else to amend in order to make OACS core capable to assign header values properly?

Futhermore, I've noticed before the warning, there are some validations referencing host_node_map.

[07/Jul/2018:13:12:38][2783.7fe0b0a3d700][-conn:evex:0:1032-] Notice: checking entry 127.0.0.1 from host_node_map ->

Is it possible to somehow create a pair with 127.0.0.1 ?
I tried so, but / is not available in the list of application to pair
I was expecting to resolve it by simply forwarding 127.0... to / (i.e. mainsite.)

[07/Jul/2018:13:12:38][2783.7fe0b0a3d700][-conn:evex:0:1032-] Warning: ignore untrusted host header field: '127.0.0.1:8443'

How would I fix the headers in order they have the correct host ?

Best wishes,