Skip to content
This repository has been archived by the owner on May 7, 2020. It is now read-only.

Commit

Permalink
Merge pull request #209 from kgudel/removeAuthHeaders
Browse files Browse the repository at this point in the history
Fix X-Forwarded-Host Bug
  • Loading branch information
hkeeler authored Jan 10, 2018
2 parents a0717fb + b098687 commit f9cb9ba
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions auth-proxy/conf/etc/httpd/conf.d/01-auth-proxy.conf
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,17 @@ Listen 8080

ProxyPass ${FILING_API_UPSTREAM_URI}
ProxyPassReverse ${FILING_API_UPSTREAM_URI}


# We have encountered the following warning from our akka-http based APIs:
# Illegal 'x-forwarded-host' header: Invalid input ' '
# This is caused by a space character being added to the comma-separated list
# of hostnames in the `X-Forwarded-Host` header by a reverse proxy somewhere
# in the request chain. Setting `ProxyAddHeaders Off` is a brute-force means of
# removing the additional hostname. This does make the warning go away, but it
# also mean our akka-http APIs (and any future services put behind auth-proxy) will
# only see `X-Forwarded-*` headers set by the previous reverse proxy, not auth-proxy.
ProxyAddHeaders Off
</Location>

# Top-level path, providing default settings for CORS and OIDC
Expand Down

0 comments on commit f9cb9ba

Please sign in to comment.