Scheme check is broken behind a reverse-proxy; same can be achieved with regular Nginx conf

2024-09-03 20:06:27 +02:00 · 2017-09-17 17:41:30 +02:00 · 2017-09-17 17:41:30 +02:00 · d1c53a6e1b
commit d1c53a6e1b
parent 61ca14a09a
2 changed files with 0 additions and 13 deletions
--- a/access.lua
+++ b/access.lua
@ -69,12 +69,6 @@ then
    -- `GET` method will serve a portal file
    if ngx.var.request_method == "GET" then

-        -- Force portal scheme
-        if ngx.var.scheme ~= conf["portal_scheme"] then
-            ngx.log(ngx.DEBUG, "REDIRECT SCHEME ~= PORTAL_SCHEME: "..ngx.var.scheme)
-            return hlp.redirect(conf.portal_url)
-        end
-
        -- Add a trailing `/` if not present
        if ngx.var.uri.."/" == conf["portal_path"] then
            ngx.log(ngx.DEBUG, "REDIRECT MISSING /")
--- a/helpers.lua
+++ b/helpers.lua
@ -324,13 +324,6 @@ end
 -- Set the authentication headers in order to pass credentials to the
 -- application underneath.
 function set_headers(user)
-
-    -- We definitely don't want to pass credentials on a non-encrypted
-    -- connection.
-    if ngx.var.scheme ~= "https" then
-        return redirect("https://"..ngx.var.host..ngx.var.uri..uri_args_string())
-    end
-
    local user = user or authUser

    -- If the password is not in cache or if the cache has expired, ask for