[Catalyst] RFC for handling reverse proxies not deployed to standard ports.

Christopher H. Laco claco at chrislaco.com
Fri Jun 15 17:59:54 GMT 2007


Dave Rolsky wrote:
> On Fri, 15 Jun 2007, Marlon Bailey wrote:
> =

>> Suggestion:  I'd like to submit a solution that extends the current
>> proxy-backend practice of reading the proxy values out of the request
>> header.  Currently the client's IP is taken from a "X-Forwarded-For"
>> header value, and the host's(Reverse Proxy) hostname is taken from a
>> "X-Forwarded-Host" header value. I suggest adding the ability for
>> Catalyst to set the host's port from a "X-Forwarded-Host-Port" header
>> value.  This way a simple config option such as this
> =

> This would be great. When I'm doing development I often run an Apache on
> a non-standard (high) port, and have solved this problem in various apps.
> =

> For Catalyst, so far I've mostly been using the standalone server, but
> eventually I'll want to be able to test locally with a "real" server to
> mimic the eventual production environment.
> =

>> Extras considerations:  After speaking with Matt(mst) about this, he
>> also suggested allowing the "Path" value to be set from a header value
>> as well.
> =

> And _another_ one to add ...
> =

> Often the frontend of an app is listening on both http & https ports.
> When I generate URIs in the backend, I often want to take this into
> account and generate the scheme based on what the user requested.
> =

> In previous mod_perl apps, what I've done is have the backend server
> _also_ listen on two ports. Then I have the frontend forward to one or
> the other. The code will usually look for some sort of hack like an env
> var (which I only set in one vhost) that says "use https".
> =

> Adding a header like X-Forwarded-Was-HTTPS would be a much better
> solution. Basically, the more info about the original frontend request
> that can be captured the better.

Ick.

X-Forwarded-Host-Secure

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.scsys.co.uk/pipermail/catalyst/attachments/20070615/253e=
eb48/signature.pgp


More information about the Catalyst mailing list