[
https://issues.apache.org/jira/browse/KNOX-897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sandeep More reopened KNOX-897:
-------------------------------
Hello [~sumit.gupta]
Reopening the issue because of the concern raised and the followup discussion.
You are right, the patch indeed does not take into account the case where Knox
is the only reverse proxy between the REST or UI client and the back end
service.
Sorry I did not think about this case :( So we have two cases here that I think
we have to choose from:
a. Someone wants to use it behind a reverse proxy (say ngnix) with default
ports (e.g. knox.mycompany.com/gateway/sandbox/hdfs/)
b. Knox is the reverse proxy and client passes the x-forwarded-host (without
*-port) header.
[~akanto] and [~sumit.gupta] which one do you guys suggest ?
> X-Forwarded-Port is incorrectly determined
> ------------------------------------------
>
> Key: KNOX-897
> URL: https://issues.apache.org/jira/browse/KNOX-897
> Project: Apache Knox
> Issue Type: Bug
> Affects Versions: 0.11.0
> Reporter: Attila Kanto
> Fix For: 0.12.0
>
> Attachments: gateway.log, knox-897.patch, Screen Shot 2017-03-01 at
> 14.44.03.png
>
>
> If the client fills out the following headers:
> {code}
> Header[X-Forwarded-Host]=local.somehost.com
> Header[X-Forwarded-Proto]=https
> {code}
> And does not specify the port number in X-Forwarded-Host since it uses the
> the default port, then Knox automatically populates X-Forwarded-Port header
> field with its own local port e.g. 8443 instead of the default 443 which
> results in page not founds (see screenshot and log).
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
