javascript
javascript copied to clipboard
feat(backend): Allow reading proto and host for proxied requests from a custom header
Description
When Clerk is served behind a proxy, it uses the X-Forwarded-Proto and X-Forwarded-Host headers to determine the proto and host of the request, and redirect the client to the right place, as per docs.
However, we are dealing with a situation where because of other proxies in-between, we cannot leverage the X-Forwarded-Host header, and that makes Clerk not usable in this environment.
I am proposing adding two new environmental variables which allow overriding the name of the header that Clerk uses to perform lookups:
- CLERK_PROXY_FORWARDED_PROTO_HEADER
- CLERK_PROXY_FORWARDED_HOST_HEADER
Checklist
- [X]
pnpm testruns as expected. - [X]
pnpm buildruns as expected. - N/A (If applicable) JSDoc comments have been added or updated for any package exports
- [ ] (If applicable) Documentation has been updated
Type of change
- [ ] 🐛 Bug fix
- [X] 🌟 New feature
- [ ] 🔨 Breaking change
- [ ] 📖 Refactoring / dependency upgrade / documentation
- [ ] other:
Summary by CodeRabbit
-
New Features
- Allow configuring which proxy headers are used to determine request protocol and host via environment settings, preserving default behavior for standard proxies.
-
Tests
- Added tests covering custom proxy header configurations to ensure correct origin detection across proxy setups.