X-Forwarded-Proto leads to redirection loops

Question

X-Forwarded-Proto leads to redirection loops

wzyboy opened this issue 10 years ago · 4 comments

It seems that, since commit 0da1835 , shrpx adds an X-Forwarded-Proto header to the request, and this leads to redirection loops on some websites.

One of these websites is 500px.com.

Let's try this:

curl -v http://500px.com/ -H X-Forwarded-Proto:https

We can see 500px.com "thinks" we are trying to visit an https version of its website, and will redirect us to http://500px.com/, but we are already there. Thus, a redirection loop occured. Chrome calls this ERR_TOO_MANY_REDIRECTS.

Could there be an option (add-x-forwarded-proto=no) to turn off this Header? Just like add-x-forwarded-for=no turns off X-Forwarded-For Header.

Answer 1 · 2014-09-24T15:17:54.000Z

Thank you for reporting this issue. I think x-forwarded-proto should not be sent if shrpx is configured as forward proxy (-s or -p). I think you are using shrpx as SPDY proxy.
I'll add some conditional not to send this header if -s or -p is used.

Answer 2 · 2014-09-24T15:22:06.000Z

Yes. I am using running shrpx on my server with spdy-proxy=yes with a squid backend and configure my Google Chrome to use that server as a proxy.

Thanks for your great work!

Answer 3 · 2014-09-24T15:39:24.000Z

Fix committed via a1df9a7
Could you verify that it works?

Answer 4 · 2014-09-24T15:46:56.000Z

Yes it does! I can now visit 500px.com without ERR_TOO_MANY_REDIRECTS errors. Thanks.