Hi, A quick note for people trying to configure apache reverse *SSL* proxy, so:
user query --> fontend (ssl reverse proxy) --> backend (web client) We need to add this apache directive (needs mod_headers.c enabled): RequestHeader set X_FORWARDED_PROTO 'https' That way cherrypy known that the original protocol was 'HTTPS' and cherrypy.request.base become https://yoursite.com/. This allow to keep (tools.csrf.on = True) even behind the reverse SSL Proxy. -- You received this bug notification because you are a member of C2C OERPScenario, which is subscribed to the OpenERP Project Group. https://bugs.launchpad.net/bugs/690514 Title: [trunk] CSRF check in 4091 breaks mod_proxy Status in OpenObject Web Client: Fix Released Bug description: The CSRF check won't work in most cases with mod_proxy - the host/ref is going to be different (e.g. 127.0.0.1) Likely better way to do it is using a token/hidden field... I'd provide a patch but I haven't worked much with the web client yet. _______________________________________________ Mailing list: https://launchpad.net/~c2c-oerpscenario Post to : [email protected] Unsubscribe : https://launchpad.net/~c2c-oerpscenario More help : https://help.launchpad.net/ListHelp
