Project

General

Profile

Bug #432

Redirects escape reverse proxy use of mod_proxy

Added by Anonymous over 13 years ago. Updated almost 12 years ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
core
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Missing in 1.5.x:

Description

A redirect emitted by a backend server including a host and port will escape to the browser, bypassing the reverse proxy for future requests.

Apache's ProxyPassReverse rewrites Location: headers from the backend proxied servers to not include the port number and host.

-- aredridel

lighttpd-proxy-fix-redirects.patch (3.03 KB) lighttpd-proxy-fix-redirects.patch Patch -- aredridel Anonymous, 2005-12-30 10:16
lighttpd-proxy-fix-redirects-2.patch (4.79 KB) lighttpd-proxy-fix-redirects-2.patch Foul, yet slightly more functional hack conny, 2006-02-03 01:38

History

#1

Updated by Anonymous over 13 years ago

The attached patch adds a per-proxy option to fix redirects:

proxy.server = (
"/" => (
"backend" => (
"host" => "127.0.0.1",
"port" => 12021,
"fix-redirects" => 1
)
)
)

-- aredridel

#2

Updated by conny over 13 years ago

See also ticket #17, where the severity of this issue is considered not to be a bug. Nevertheless I would like to maintain that it is a wishlist item.

#3

Updated by conny over 13 years ago

I'm looking at how to implement tests for mod_proxy - these are typical cases that we should be testing for...

#4

Updated by jan over 13 years ago

  • Status changed from New to Assigned

In tests/mod-proxy.t you can see how we test for up to now.

Basicly we use 2 lighttpd instances while the second server is usually echoing some parts of the environment and the first is proxying.

#5

Updated by conny over 13 years ago

Ehm, there is no tests/mod-proxy.t in the source tree :-)

#6

Updated by jan over 12 years ago

  • Status changed from Assigned to Fixed
  • Resolution set to fixed

fixed in the trunk/ tree with the proxy-core.rewrite-response setting.

#7

Updated by Anonymous over 12 years ago

asc

-- bebo.com,

Also available in: Atom