Skip to content

Enhance HTTPS redirect middleware for multi-hostname scenarios #21291

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rynowak opened this issue Apr 28, 2020 · 10 comments
Open

Enhance HTTPS redirect middleware for multi-hostname scenarios #21291

rynowak opened this issue Apr 28, 2020 · 10 comments
Labels
affected-few This issue impacts only small number of customers area-middleware Includes: URL rewrite, redirect, response cache/compression, session, and other general middlewares area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-yarp This issue is related to work on yarp Needs: Design This issue requires design work before implementating. severity-minor This label is used by an internal tool
Milestone
Backlog

Comments

@rynowak
Copy link
Member

rynowak commented Apr 28, 2020

See: dotnet/tye#354

The HTTPS redirect middleware allows you to configure (via config) a single port to use for HTTPS redirects. There are cases where this isn't sophisticated enough because each hostname you're listening on has a different HTTPS port value.
@rynowak rynowak added enhancement This issue represents an ask for new feature or an enhancement to an existing one area-middleware labels Apr 28, 2020
@Tratcher
Copy link
Member

Tratcher commented Apr 29, 2020
edited
Loading

Can you clarify why each host has a different port? Hosts can share ports using host headers and SNI.

@analogrelay
Copy link
Contributor

@Tratcher well, if they're different ASP.NET Core apps, we still have the port sharing problem right? Regardless of feasibility, only one process can bind to the port.

@Tratcher
Copy link
Member

Nevermind, I just read the linked issue and it's a very different scenario. The app only has one local port. The app accepts requests directly and through a proxy. The host name is the same in both cases, but the public and internal ports are different.

In this example it needs to be able to redirect myhost:80 -> 443 and myhost:4567 -> 4568.

@Tratcher
Copy link
Member

Why isn't the front end enforcing its own https?

@rynowak
Copy link
Member Author

rynowak commented Apr 29, 2020

As in, have the proxy responsible for the redirect? The proxy in this case is docker I think, not a dedicated proxy server.

@analogrelay analogrelay added this to the Next sprint planning milestone May 1, 2020
@analogrelay
Copy link
Contributor

Is there a proposed new behavior here?

@Tratcher
Copy link
Member

Tratcher commented May 1, 2020

The middleware needs to be capable of doing a host+port lookup from IServerAddresses and/or a static list to get the matching https port. A collection of KVP<string, int> is the basic structure.

Note today it throws if trying to auto-configure and it finds more than one https endpoint in IServerAddresses.

@Tratcher Tratcher mentioned this issue May 5, 2020
Open
@BrennanConroy BrennanConroy added the Needs: Design This issue requires design work before implementating. label May 8, 2020
@BrennanConroy
Copy link
Member

@jkotalik Does Tye have an API proposal for this? Also, how important is this API to Tye?

@jkotalik
Copy link
Contributor

jkotalik commented Jun 1, 2020

I don't think this critical for Tye, we wouldn't be able to utilize an API change here as we are primarily targeting 3.1.

@Tratcher Tratcher added the feature-yarp This issue is related to work on yarp label Jun 1, 2020
@ghost
Copy link

ghost commented Jul 24, 2020

We've moved this issue to the Backlog milestone. This means that it is not going to be worked on for the coming release. We will reassess the backlog following the current release and consider this item at that time. To learn more about our issue management process and to have better expectation regarding different types of issues you can read our Triage Process.

@Tratcher Tratcher mentioned this issue Oct 26, 2020
Open
@Tratcher Tratcher added affected-few This issue impacts only small number of customers severity-minor This label is used by an internal tool labels Nov 9, 2020 — with ASP.NET Core Issue Ranking
This was referenced Jan 7, 2021
Closed
Merged
Closed
Open
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions area-middleware Includes: URL rewrite, redirect, response cache/compression, session, and other general middlewares and removed area-runtime labels Jun 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
affected-few This issue impacts only small number of customers area-middleware Includes: URL rewrite, redirect, response cache/compression, session, and other general middlewares area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions enhancement This issue represents an ask for new feature or an enhancement to an existing one feature-yarp This issue is related to work on yarp Needs: Design This issue requires design work before implementating. severity-minor This label is used by an internal tool
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
7 participants
@analogrelay @rynowak @Tratcher @JunTaoLuo @BrennanConroy @jkotalik @amcasey