christianlight/tutor
6
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-12-12 14:17:46 +00:00
Code Issues Releases Activity

Fix insecure asset loading with web proxy enabled

Browse Source 
This issue is well described in this post:
https://discuss.overhang.io/t/reverse-proxy-and-mixed-content-issue/86

When WEB_PROXY=True and ACTIVATE_HTTPS=True the containerized nginx sets
an incorrect value for X-Forwarded-Proto.
This commit is contained in:
Régis Behmo 2019-07-07 17:14:31 +08:00
parent eb91030403
commit c431fb81ff
7 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -4,6 +4,7 @@ Note: Breaking changes between versions are indicated by "💥".
## Latest ## Latest
- [Bugfix] Fix insecure static asset loading when web proxy is enabled
- [Improvement] Rename ``SECRET_KEY`` configuration parameter to ``OPENEDX_SECRET_KEY`` - [Improvement] Rename ``SECRET_KEY`` configuration parameter to ``OPENEDX_SECRET_KEY``
- [Improvement] Add support for TLS in external SMTP server (#231) - [Improvement] Add support for TLS in external SMTP server (#231)
- [Bugfix] Fix missing video transcripts in LMS (#229) - [Bugfix] Fix missing video transcripts in LMS (#229)

2
plugins/minio/setup.py
View File

@ -10,7 +10,7 @@ with io.open(os.path.join(here, "README.rst"), "rt", encoding="utf8") as f:
setup( setup(
name="tutor-minio", name="tutor-minio",
version="0.0.2", version="0.0.3",
url="https://docs.tutor.overhang.io/", url="https://docs.tutor.overhang.io/",
project_urls={ project_urls={
"Documentation": "https://docs.tutor.overhang.io/", "Documentation": "https://docs.tutor.overhang.io/",

2
plugins/minio/tutorminio/patches/nginx-extra
View File

@ -24,9 +24,11 @@ server {
client_max_body_size 0; client_max_body_size 0;
location / { location / {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_redirect off; proxy_redirect off;

2
plugins/notes/setup.py
View File

@ -10,7 +10,7 @@ with io.open(os.path.join(here, "README.rst"), "rt", encoding="utf8") as f:
setup( setup(
name="tutor-notes", name="tutor-notes",
version="0.0.1", version="0.0.2",
url="https://docs.tutor.overhang.io/", url="https://docs.tutor.overhang.io/",
project_urls={ project_urls={
"Documentation": "https://docs.tutor.overhang.io/", "Documentation": "https://docs.tutor.overhang.io/",

2
plugins/notes/tutornotes/patches/nginx-extra
View File

@ -24,9 +24,11 @@ server {
server_tokens off; server_tokens off;
location / { location / {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_redirect off; proxy_redirect off;

2
tutor/templates/apps/nginx/cms.conf
View File

@ -26,9 +26,11 @@ server {
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last; rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
location @proxy_to_cms_app { location @proxy_to_cms_app {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_redirect off; proxy_redirect off;

2
tutor/templates/apps/nginx/lms.conf
View File

@ -26,9 +26,11 @@ server {
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last; rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
location @proxy_to_lms_app { location @proxy_to_lms_app {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
proxy_redirect off; proxy_redirect off;