tileserver-gl
tileserver-gl copied to clipboard
maptiler
#119 - Fixes support for proxy (X-Forwarded-Host header).
Thanks for the PR.
I agree it's the correct solution to let the express handle X-Forwarded-Host.
Unfortunately, there is a bug in Express v4 and req.hostname and req.host do not contain port information. (So this PR would break all instances running on a port different than 80 -- including local development and probably some production deployments.)
This will be fixed in Express v5 (see https://expressjs.com/en/guide/migrating-5.html#req.host), but we should definitely wait for the stable release before migrating.
Thanks @petrsloup ,
Do you think maybe it's worth combining req.hostname with req.headers.host to maintain the port as a workaround until Express 5 is released?
Let me know,
Although it should be possible to parse the correct value from the req.hostname and req.headers.host it's kind of a hack. And it is actually not a correct solution in some cases, since the proxy might be running on a different port than the backend server (this seems to be a little messy at the moment -- X-Forwarded-Host usually does not contain port information and people sometimes use X-Forwarded-Port, but I'm not sure if express will respect this).
Anyway, the development on this is actually not a priority for our team at the moment -- our CDN and proxies do not modify the Host header so no additional handling is required.
I suggest you do the same before we can merge this PR (after Express v5 is stable) -- I think it's the best solution at the moment. I don't know what proxy you are using, but see for example https://www.ctrl.blog/entry/how-to-httpd-reverseproxy-hostheader and especially https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxypreservehost.
Hi @petrsloup, I made a nice workaround:
app.all('*', function (req, res, next) {
req.resolvedHost = req.headers['x-forwarded-host'] ? req.headers['x-forwarded-host'] : req.headers.host;
next();
});
Then I access the resolvedHost, you want me to update the PR with that fix? or you think I should combine X-Forwarded-Host with X-Forwarded-Port first?
As I understand it X-Forwarded-Host is still not fixed or working? The documentation is a bit misleading: https://github.com/maptiler/tileserver-gl/blob/master/docs/deployment.rst ~~I thought this used to work when I was using an older github repo of an earlier tileserver-gl version (2.x?)~~ (EDIT: actually I don't think it was working either with older versions)
It says it is important to set X-Forwarded-Host but it seems to have no effect when getting a style.json for example. X-Forwarded-Proto works fine on the other side.
