Rewrites should allow setting the secure option of http-proxy

[smessaris]

Mainly for local development, where a site may be served by https (eg valet secure). In this case rewrite fails because of UNABLE_TO_VERIFY_LEAF_SIGNATURE even if we have NODE_TLS_REJECT_UNAUTHORIZED=0 in .env.

Setting the secure option of the proxy to false solves this.

Either we should be able to set it in next.config.js, or it should be automatically set based on the value of NODE_TLS_REJECT_UNAUTHORIZED.

[e752938]

Hi, @ijjk
I'm the author of the recent closed PR #38786
I really think it's a good idea to have such an option during development.
Or people will have to use something like https://github.com/stegano/next-http-proxy-middleware

If you have concern for the security on production, we can simply change it like:

const secure = process.env.NODE_ENV === 'development' ?  this.nextConfig.devRewriteSecure : true

[ijjk]

Hi, if this is specific to development can you explain the use case more, are you rewriting to a local server? If so potentially we could set secure: false for localhost in development specifically.

[e752938]

Hi, I'm in a frontend team of a big company, we do not have the access to backend code. So we have to proxy an online backend dev url during development, which has issues for node's ssl.

[ijjk]

I see, as mentioned on the PR we could have an experimental config for this e.g. experimental.insecureRewriteHosts which is an array of host names that has secure: false set

[tim-soft]

This would be really useful for localdev

[YDJSZY]

This is question had solved ?