Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should proxyHeaders and credentials be true by default? #20

Closed
homerjam opened this issue Sep 6, 2017 · 5 comments
Closed

Should proxyHeaders and credentials be true by default? #20

homerjam opened this issue Sep 6, 2017 · 5 comments

Comments

@homerjam
Copy link

homerjam commented Sep 6, 2017
edited by ghost
Loading

Just questioning whether these two useful features should be true by default - I found they caused problems with my setup. As a noob or someone switching from the regular axios module they introduce implicit complexity which can take a while to debug (vs. time saved from the benefits).

At lease a note regarding proxyHeaders:

If directing requests at a url protected by CloudFlare's CDN you should set this to false to prevent CloudFlare from mistakenly detecting a reverse proxy loop and returning a 403 error.

This question is available on Nuxt.js community (#c19)
pi0 pushed a commit that referenced this issue Sep 6, 2017
add notes for proxyHeaders option
e9e225f 
@homerjam #20
@pi0
Copy link
Member

pi0 commented Sep 6, 2017
edited
Loading

Thanks. I've added the note. Actually, it depends on the use case but i think should be enabled by default to make it having a universal behavior. If you know some unwanted headers that CF adds that makes problems, just open a PR or ping me :)

@pi0 pi0 closed this as completed Sep 6, 2017
@homerjam
Copy link
Author

homerjam commented Sep 7, 2017
edited
Loading

Thanks. I think it's cf-ray header as described here, I'll check when I can (assuming I can use an interceptor to remove it).

@atmar atmar mentioned this issue Nov 1, 2017
Closed
@curtisbelt
Copy link

@pi0

If you know some unwanted headers that CF adds that makes problems, just open a PR or ping me

I believe I have that answer for you. To avoid Error 1000: DNS points to prohibited IP that @homerjam is referencing, I used proxyHeadersIgnore to remove the headers cf-ray and cf-connecting-ip.

nuxt.config.js

modules: [
  '@nuxtjs/axios'
],
axios: {
  proxyHeadersIgnore: ['host', 'accept', 'cf-ray', 'cf-connecting-ip']
},

@tiagomatosweb
Copy link

Hi all,
I'm getting the same issue. I've tried proxyHeaders = true which is true by default and I also have tried proxyHeadersIgnore: ['host', 'accept', 'cf-ray', 'cf-connecting-ip'] and did not work. I'm getting the Error 1000: DNS points to prohibited IP.

Any idea?

lefuturiste added a commit to lefuturiste/axios-module that referenced this issue Nov 1, 2018
@lefuturiste
feat: add proxyHeadersIgnore in default options (nuxt-community#20)
7d40fc6
@lefuturiste lefuturiste mentioned this issue Nov 1, 2018
Merged
pi0 pushed a commit that referenced this issue Nov 7, 2018
@lefuturiste @pi0
fix(defaults): ignore cf-ray and cf-connecting-ip headers on serv…
3ae5416 
…er side (#20) (#175)
@jucau
Copy link

jucau commented Jun 10, 2020

Hello all,

maybe it will help someone, I had same kind of trouble with Cloudfront, getting a 403 when using a cookie based auth API with proxyHeaders: true.
Solution was to ignore also Cloudfront headers in proxyHeadersIgnore : ['host', 'accept', 'cf-ray', 'cf-connecting-ip', 'content-length', 'via', 'user-agent', 'cloudfront-forwarded-proto', 'cloudfront-is-desktop-viewer', 'cloudfront-is-mobile-viewer', 'cloudfront-is-smarttv-viewer', 'cloudfront-is-tablet-viewer', 'cloudfront-viewer-country', 'x-amz-cf-id', 'x-amzn-trace-id', 'x-forwarded-for', 'x-apigateway-event', 'x-apigateway-context'].
Not sure all the above headers are necessary to ignore to get it work, but in my case I didn't need them and it solved my issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@homerjam @tiagomatosweb @curtisbelt @pi0 @jucau