  1. Nuxeo Platform
  2. NXP-14885

Use the X-Forwarded-Proto header to deduce right scheme for decoding OAuth messages

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 5.9.4
    • Fix Version/s: 5.9.5
    • Component/s: OAuth

      Description

      If Nuxeo is behind a load balancer that takes care of SSL encryption, OAuth messages are passed with the HTTPS scheme. When decoding the message, the Nuxeo server makes the challenge with an http scheme, which fails.

      We can make use of the de-facto standard X-Forwarded-Proto header to check if the scheme is the right one.
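
An added example, not Nuxeo code: assuming the failing check is the OAuth 1.0 signature verification (RFC 5849), whose signature base string includes the request scheme, this Python code shows verification failing on the proxied http request and passing once X-Forwarded-Proto is honoured, and only when the request arrives from a trusted proxy address. The host name, secrets, proxy address and function names are constructed for illustration.

```python
import base64, hashlib, hmac
from urllib.parse import quote

TRUSTED_PROXIES = {"10.0.0.5"}  # constructed: address of the TLS-terminating load balancer

def pct(s):
    # RFC 5849 section 3.6 percent-encoding: only unreserved characters stay literal
    return quote(s, safe="-._~")

def effective_scheme(local_scheme, headers, peer_ip):
    """Scheme the client used; X-Forwarded-Proto counts only when sent by a trusted proxy."""
    # headers is assumed to be a dict with canonical header names (illustrative input shape)
    proto = headers.get("X-Forwarded-Proto", "").split(",")[0].strip().lower()
    if peer_ip in TRUSTED_PROXIES and proto in ("http", "https"):
        return proto
    return local_scheme

def base_string(method, scheme, host, path, params):
    # RFC 5849 section 3.4.1: METHOD & encoded base URI & encoded sorted parameters
    # (default ports are omitted from the base URI, so host carries no port here)
    pairs = sorted((pct(k), pct(v)) for k, v in params.items() if k != "oauth_signature")
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    uri = f"{scheme}://{host.lower()}{path}"
    return "&".join([method.upper(), pct(uri), pct(normalized)])

def sign(method, scheme, host, path, params, consumer_secret, token_secret=""):
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    msg = base_string(method, scheme, host, path, params).encode()
    return base64.b64encode(hmac.new(key, msg, hashlib.sha1).digest()).decode()

def verify(method, local_scheme, host, path, params, headers, peer_ip, consumer_secret):
    scheme = effective_scheme(local_scheme, headers, peer_ip)
    expected = sign(method, scheme, host, path, params, consumer_secret)
    supplied = params.get("oauth_signature", "")
    return hmac.compare_digest(expected.encode(), supplied.encode())

# Constructed sample: the client signs against https://, the proxy forwards over plain http
HOST, PATH, SECRET = "nuxeo.example.com", "/nuxeo/site/api", "demo-secret"
PARAMS = {"oauth_consumer_key": "demo-consumer", "oauth_nonce": "n-1",
          "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1400000000",
          "oauth_version": "1.0"}
SIGNED = dict(PARAMS, oauth_signature=sign("GET", "https", HOST, PATH, PARAMS, SECRET))
```

The header is only as trustworthy as its sender: the load balancer should overwrite any client-supplied X-Forwarded-Proto, and the server should ignore it on connections that do not come from that load balancer.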
