Mercurial Mercurial > prosody > prosody / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_http: Consider x-forwarded-proto from trusted proxies
authorKim Alvefur <zash@zash.se>
Thu, 18 Feb 2021 10:00:56 +0100
changeset 11387 98b7ae7064b2
parent 11386 a0477656258c
child 11388 f9edf26c66fc
mod_http: Consider x-forwarded-proto from trusted proxies Should be better than setting consider_{bosh,websocket}_secure as that may end up causing actually insecure requests to be considered secure. Doing it here, as with IP, should make this apply to all HTTP modules.
plugins/mod_http.lua file | annotate | diff | comparison | revisions 
--- a/plugins/mod_http.lua	Thu Feb 18 12:02:11 2021 +0100
+++ b/plugins/mod_http.lua	Thu Feb 18 10:00:56 2021 +0100
@@ -259,6 +259,10 @@
 	if request and is_trusted_proxy(request.conn:ip()) then
 		-- Not included in eg http-error events
 		request.ip = get_ip_from_request(request);
+
+		if not request.secure and request.headers.x_forwarded_proto == "https" then
+			request.secure = true;
+		end
 	end
 	return handlers(event_name, event_data);
 end);
prosody