Support non-root prefixed reverse proxy environments #45
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
We'd like to use caddy-security in an reverse-proxy environment where caddy is routed from a fixed-prefix i.e.
myapp.mydomain.com/app1/oauth2/github -> ( reverse proxy ) -> app1backend.mydomain.com/oauth2/github
We encountered issues where the
redirect_url
was being set to app1backend.mydomain.com which was corrected by settingX-Forwarded-Host
. This still left the issue where theapp1
prefix was being dropped in theredirect_url
.A number of standard reverse proxies use the
X-Forwarded-Prefix
to forward any prefix mapping onto backend applications.This PR looks the add
X-Forwarded-Prefix
support to allow caddy-security to work in prefixed reverse proxies environments.