reverse proxy ssl static links in the pages still http #116

hagbard-01 · 2022-03-07T23:21:08Z

Describe the bug
I use nginx as reverse proxy and redirect all traffic to https.
The sign up form ("Create admin account") has however, http statically rendered in the code and all creds will be submitted unencrypted.

ln 39: <form action="[http://<IP-address>/signup?next=%2Fdashboard](view-source:http://<IP-address>/signup?next=%2Fdashboard)" method="[post]()" novalidate>

To Reproduce
Steps to reproduce the behavior:
Use a reverse proxy such as nginx and redirect all traffic on port 80, to port 443.

server {
    listen 80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}
server {
    listen 443 ssl;
    server_name _;
    ssl_certificate /etc/nginx/ssl/linguard.crt;
    ssl_certificate_key /etc/nginx/ssl/linguard.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:8080;
    }
}

Expected behavior
Well, either it has to be a relative link or needs to be:

The text was updated successfully, but these errors were encountered:

hagbard-01 added the bug Something isn't working label Mar 7, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

reverse proxy ssl static links in the pages still http #116

reverse proxy ssl static links in the pages still http #116

hagbard-01 commented Mar 7, 2022 •

edited

Loading

reverse proxy ssl static links in the pages still http #116

reverse proxy ssl static links in the pages still http #116

Comments

hagbard-01 commented Mar 7, 2022 • edited Loading

hagbard-01 commented Mar 7, 2022 •

edited

Loading