From 0fdfb212da340f2aed78734179ecec58b86cbc7f Mon Sep 17 00:00:00 2001 From: Noah Botimer Date: Mon, 23 Sep 2024 15:09:53 -0400 Subject: [PATCH] Add a middleware to force the HTTP Host There appears to be a subtle interaction or bug between ingress-nginx and Rack in this case. Even with the upstream-vhost set and use-forwarded-headers unset, the Ingress host is being supplied as X-Forwarded-Host. Even with use-forwarded-headers set, the X-Forwarded-Host is getting the ingress host. In Rack, the forwarded_authority takes precedence over the host_authority and server_authority... So, here we try to ensure that our value, supplied via process environment, is written into the forwarded host environment variable at the first position in the middleware stack. --- Gemfile.lock | 3 --- config/initializers/explicit_proxy_host.rb | 13 +++++++++++++ 2 files changed, 13 insertions(+), 3 deletions(-) create mode 100644 config/initializers/explicit_proxy_host.rb diff --git a/Gemfile.lock b/Gemfile.lock index 8add6e5..c16b816 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -254,8 +254,6 @@ GEM nio4r (~> 2.0) racc (1.6.2) rack (2.2.6.4) - rack-cors (2.0.2) - rack (>= 2.0.0) rack-test (2.1.0) rack (>= 1.3) rails (5.2.8.1) @@ -481,7 +479,6 @@ DEPENDENCIES pry-rails puma (>= 4.3.5) rack (>= 2.1.4) - rack-cors rails (~> 5.0) rake (~> 13.0) rsolr (>= 1.0) diff --git a/config/initializers/explicit_proxy_host.rb b/config/initializers/explicit_proxy_host.rb new file mode 100644 index 0000000..1ec5dd7 --- /dev/null +++ b/config/initializers/explicit_proxy_host.rb @@ -0,0 +1,13 @@ +class ExplicitProxyHost + def initialize(app) + @app = app + @host = ENV['RAILS_URL_HOST'] + end + + def call(env) + env['HTTP_X_FORWARDED_HOST'] = @host unless @host.nil? + @app.call(env) + end +end + +Rails.application.config.middleware.insert_before 0, ExplicitProxyHost