We are currently experimenting with setting up a Fossil server, but have
encountered a bit of an issue: Fossil doesn't seem to support being operated
behind a proxy. As we wish to run Fossil on port 80, and to do so it must
sit behind our primary web server, this is a bit of an issue.

The ideal solution for us would be to run Fossil as an SCGI or FastCGI
service (I would lean towards SCGI as it is a much simpler protocol) and
have our web server dispatch requests to that, but this is at present not
possible. We cannot run Fossil as a CGI because we use Nginx, which does not
support it (With the valid reason that very little uses CGI these days and
that it is highly inefficient)

In the meantime, therefore, we are setting up Fossil behind a proxy. This
works mostly, but does raise an issue: Fossil issues all cookies to This works, but is rather insecure. It would be best if Fossil
could be instructed to listen to the X-Forwarded-For header when started via
"fossil server" (It would be inadvisable to listen to it if started as a CGI
because the web server should be doing the transformation then).

The ideal solution would be to move to the aforementioned SCGI, but I am not
quite sure at present the way I would go about implementing this in the
Fossil source.
fossil-users mailing list

Reply via email to