port redirection issue while using ssh tunnel
Adrien Saladin
adrien.saladin at gmail.com
Tue Jul 23 09:22:26 UTC 2013
Hi list,
I have a web app proxied by nginx. Everything works fine locally.
However the web server is on our private network and I would like to
access it though a ssh tunnel from the outside.
Most operations works fine except when the web app returns a 302
redirection. In that case it seems that nginx removes the http port
(detailed issue below).
Here are the details:
The ssh tunnel is made through our ssh gateway:
ssh me at ourgateway.tld -L8080:privateWebServer:80
I then connect to a 'normal' page and everything looks good:
$ curl http://localhost:8080/wiki/wiki -D -
HTTP/1.1 200 OK
Server: nginx/0.7.67
Date: Tue, 23 Jul 2013 08:52:54 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 98961
$ curl http://localhost:8080/wiki -D -
However when I try a page that returns a 302 redirect, I have this:
HTTP/1.1 302 Found
Server: nginx/0.7.67
Date: Tue, 23 Jul 2013 08:54:46 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Content-Length: 93937
Location: http://localhost/wiki/wiki
(the 8080 port was removed from the location).
If I try to contact directly the web app throug the tunnel (on port
6544) I have this:
$ curl http://localhost:6544/wiki
HTTP/1.1 302 Found
Content-Length: 178
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jul 2013 08:57:16 GMT
Location: http://localhost:6544/wiki/wiki
Server: waitress
So it looks like that the problem comes from my nginx configuration.
location /wiki {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
port_in_redirect on;
proxy_pass http://127.0.0.1:6544;
}
I actived the debug log and this extract looks interesting:
2013/07/23 11:08:10 [debug] 14798#0: *6845 http header: "Host: localhost:8080"
[...]
2013/07/23 11:08:10 [debug] 14798#0: *6845 http proxy header:
2013/07/23 11:08:10 [debug] 14798#0: *6845 http script copy: "Host: "
2013/07/23 11:08:10 [debug] 14798#0: *6845 http script var: "localhost"
2013/07/23 11:08:10 [debug] 14798#0: *6845 http script copy: "
[...]
"GET /wiki HTTP/1.0
Host: localhost
X-Real-IP: *our_ssh_gateway_ip*
X-Forwarded-For: *our_ssh_gateway_ip*
X-Forwarded-Proto: http
Connection: close
User-Agent: curl/7.26.0
Accept: */*
"
I would really appreciate any help regarding this issue.
Regards,
Adrien
More information about the nginx
mailing list