Merge pull request #1862 from harryzcy/issue-1861

Support X-Forwarded-Host header
2024-07-10 13:11:55 +00:00 · 2022-07-31 20:53:15 +08:00 · 2022-07-31 20:53:15 +08:00 · b777c0c3e4
commit b777c0c3e4
parent 4d975a5bd5 bea8679788
5 changed files with 69 additions and 4 deletions
--- a/server/server.js
+++ b/server/server.js
@ -164,12 +164,20 @@ let needSetup = false;

    // Entry Page
    app.get("/", async (request, response) => {
-        log.debug("entry", `Request Domain: ${request.hostname}`);
+        let hostname = request.hostname;
+        if (await setting("trustProxy")) {
+            const proxy = request.headers["x-forwarded-host"];
+            if (proxy) {
+                hostname = proxy;
+            }
+        }

-        if (request.hostname in StatusPage.domainMappingList) {
+        log.debug("entry", `Request Domain: ${hostname}`);
+
+        if (hostname in StatusPage.domainMappingList) {
            log.debug("entry", "This is a status page domain");

-            let slug = StatusPage.domainMappingList[request.hostname];
+            let slug = StatusPage.domainMappingList[hostname];
            await StatusPage.handleStatusPageResponse(response, server.indexHTML, slug);

        } else if (exports.entryPage && exports.entryPage.startsWith("statusPage-")) {
--- a/server/uptime-kuma-server.js
+++ b/server/uptime-kuma-server.js
@ -50,7 +50,6 @@ class UptimeKumaServer {

        log.info("server", "Creating express and socket.io instance");
        this.app = express();
-
        if (sslKey && sslCert) {
            log.info("server", "Server Type: HTTPS");
            this.httpServer = https.createServer({
--- a/src/components/settings/ReverseProxy.vue
+++ b/src/components/settings/ReverseProxy.vue
@ -91,6 +91,51 @@
            {{ $t("For example: nginx, Apache and Traefik.") }} <br />
            {{ $t("Please read") }} <a href="https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy" target="_blank">https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy</a>.
        </div>
+
+        <h4 class="my-4">{{ $t("HTTP Headers") }}</h4>
+        <div class="my-3">
+            <label class="form-label">
+                {{ $t("Trust Proxy") }}
+            </label>
+            <div class="form-check">
+                <input
+                    id="trustProxyYes"
+                    v-model="settings.trustProxy"
+                    class="form-check-input"
+                    type="radio"
+                    name="trustProxyYes"
+                    :value="true"
+                    required
+                />
+                <label class="form-check-label" for="trustProxyYes">
+                    {{ $t("Yes") }}
+                </label>
+            </div>
+            <div class="form-check">
+                <input
+                    id="trustProxyNo"
+                    v-model="settings.trustProxy"
+                    class="form-check-input"
+                    type="radio"
+                    name="flexRadioDefault"
+                    :value="false"
+                    required
+                />
+                <label class="form-check-label" for="trustProxyNo">
+                    {{ $t("No") }}
+                </label>
+            </div>
+
+            <div class="form-text">
+                {{ $t("trustProxyDescription") }}
+            </div>
+        </div>
+
+        <div>
+            <button class="btn btn-primary" type="submit" @click="saveSettings()">
+                {{ $t("Save") }}
+            </button>
+        </div>
    </div>
 </template>

@ -113,6 +158,12 @@ export default {
        settings() {
            return this.$parent.$parent.$parent.settings;
        },
+        saveSettings() {
+            return this.$parent.$parent.$parent.saveSettings;
+        },
+        settingsLoaded() {
+            return this.$parent.$parent.$parent.settingsLoaded;
+        },
    },
    watch: {

--- a/src/languages/en.js
+++ b/src/languages/en.js
@ -453,6 +453,8 @@ export default {
    "Message:": "Message:",
    "Don't know how to get the token? Please read the guide:": "Don't know how to get the token? Please read the guide:",
    "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.": "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.",
+    "HTTP Headers": "HTTP Headers",
+    "Trust Proxy": "Trust Proxy",
    "Other Software": "Other Software",
    "For example: nginx, Apache and Traefik.": "For example: nginx, Apache and Traefik.",
    "Please read": "Please read",
@ -536,5 +538,6 @@ export default {
    "Domain": "Domain",
    "Workstation": "Workstation",
    disableCloudflaredNoAuthMsg: "You are in No Auth mode, password is not require.",
+    trustProxyDescription: "Trust 'X-Forwarded-*' headers. If you want to get the correct client IP and your Uptime Kuma is behind such as Nginx or Apache, you should enable this.",
    wayToGetLineNotifyToken: "You can get an access token from {0}",
 };
--- a/src/pages/Settings.vue
+++ b/src/pages/Settings.vue
@ -153,6 +153,10 @@ export default {
                    this.settings.tlsExpiryNotifyDays = [ 7, 14, 21 ];
                }

+                if (this.settings.trustProxy === undefined) {
+                    this.settings.trustProxy = false;
+                }
+
                this.settingsLoaded = true;
            });
        },