Comments (23)
Just as an update for my previous post. Now it all works perfectly. Key was to make sure original URL is passed correctly to application server. So I would not call this a bug, but just thing that might be worth document a bit better.
Resolution will be up to you setup, how it worked out for me.
First I had to make sure Pomerium route has preserve_host_header = true. Depending on source my app will receive requested host from header as host or X-Original-Host. Then it was just a matter of selecting correct host and pass it over to fastcgi.
map $http_x_original_host $my_real_host {
default $http_x_original_host;
'' $http_host;
}
.
.
.
fastcgi_param SERVER_NAME $my_real_host;
fastcgi_param HTTP_HOST $my_real_host;
So now my application will receive host used for original request and it will generate correct URLs depending where requests are coming from and I do not have to modify my application source code at all. Hope this helps somebody to with similar problems.
from expose.
Same here. I'm using Pomerium as proxy. I did test Ngork and it did seem to work better in this case, maybe it is working more like a "real proxy" service.
Now I did manage to overcome this problem, just for a sake of testing, with few changes.
- Add xyz.sharedwithexpose.com to your /etc/hosts pointing 127.0.0.1
- Add separate route to my Pomerium config from URL xyz.sharedwithexpose.com
- Add to my Nginx config 'fastcgi_param SERVER_NAME' xyz.sharedwithexpose.com
- My Pomerium requires valid cert so I needed to open xyz.sharedwithexpose.com once and accept failing cert
So most likely all you that have similar problems have a look at your proxies and test connections with curl that Expose dashboard provides to you. That helped me to understand this issue a bit. I'm not a real proxy wizard and there might much easier solutions for this, like Pomerium preserve_host_header. Of course if Expose could work a bit better on this matter, but I'm not that sure how easily it could be achieved. Maybe there is more clever guys who could provide some good ideas..?
Nice tool overall guys!
from expose.
The key is to replace Host
with X-Original-Host
in your web server. Traefik does not allow dynamic header rewrite (I think it's in the works), but you can still hardcode it.
from expose.
I thought this might be an issue as well, but it seems that this is already happening. When you dump $_SERVER['HTTP_HOST']
you should see the hostname of the URL you shared.
This looks like the same issue as #24 .
from expose.
Not for me, I see https://mywebsite.local.com
in HTTP_HOST
from expose.
Hi @danydev
We are actually already doing this. Even though the host name can't be configured manually - maybe that would be helpful.
But instead, the hostname gets used when you specify it while sharing:
See
This is the host that you configure when sharing your site.
So expose share foo.test
will set the host header to foo.test
.
Could you try and see if it makes a difference for you if you do:
expose share https://mysite.test
vs
expose share mysite.test:443
from expose.
No difference, I still see the 'wrong' header. But now that you're telling me that the tool should already handle it. I suppose it has something to do with my setup. My dev environment is composed by a traefik container acting as reverse proxy to a nginx container.
Looks like ngrok is able to 'override' somehow the redirection that my application-level code is doing to the correct host. I think it's just because they do some additional work to make it working in those cases.
Note how if I go to a path where there are NO redirections the website is correctly served, only when there is a 30x I got redirected to the "wrongβ local url.
from expose.
Would be interesting to see the headers that ngrok is sending in your specific use case (taken from the local inspector view) compared to what expose is doing.
from expose.
Looks like my application-level code sees the 'wrong' header with ngrok as well (and that's fine as long as I get redirected to the correct host), so I suppose the 'fix' is done by ngrok while acting as middle-man.
Inspecting the response with a proxy I can tell ngrok response already contains the correct Location/Host headers (Location: https://bbd708a5e84c.ngrok.io/login
), so I think it's something they do server-side. Maybe they just replace Host\Location headers manually when such option is on?
Also, not sure if you are asking for something more specific, if so, just tell me what you need to look into.
from expose.
Yeah I would be interested in the headers that you see in the local dashboards when you inspect a specific request (the one at http://127.0.0.1:4040
As they contain the headers that get sent to your expose client - without your application level code being in-between (and any proxied servers)
from expose.
I did not know http://127.0.0.1:4040, so that's the result:
Request:
GET /
Host | myservice.local.it
X-Original-Host | bbd708a5e84c.ngrok.io
X-Forwarded-For | my-ip-address (redacted)
Response:
302 Found
Location | https://myservice.local.it/login
Now, you may say "well, looks like you should be redirected to myservice.local.it". Not really, the curl tells me that:
Location: https://bbd708a5e84c.ngrok.io/login
indeed I get redirected there (to ngrok.io, not to myservice).
So I can't tell you why that debugging tool tells the wrong location, while the actual response inspected with curl contains the right location (and indeed, it works). It may just be that the tool contains what ngrok sees without the actual fix done server side?
from expose.
Okay great, could you show me the same header results on expose's dashboard?
Just to see if the headers are the same
from expose.
Yes, they look the same
GET /
Host myservice.local.it:443
x-original-host xudu45wyce.sharedwithexpose.com
x-forwarded-for my-ip-address
Response
302 Found
Location https://myservice.local.it/login
but the actual curl with expose says
Location: https://myservice.local.it/login
from expose.
I have the same issue , when i perform a login , redirects to my localdomain with the page expired message.
from expose.
I just added the X-Forwarded-Host
to expose, so hopefully servers can just make use of this.
Because host header rewrites "just work" based on the site that you share.
Maybe it might be an interesting option to manually specify the host header when sharing a site, but since you share URLs, you can just share the URL that contains the correct hostname.
from expose.
Just tested, and it did not solve my problem.
Just to clarify: I could easily fiddle with traefik (or nginx) and headers to fool my web server and make it works, but still would require me make operational changes for the tool. Something that is not super bad, but still ngrok just works out of the box.
Looks like ngrok 'does the magic' doing some headers overwrite as soon as it 'proxies' the response. I just debugged my application-level code and it returns a 302 on https://myservice.local.it/login
so ngrok does its trick just later in the 'client', given that the web server has the 'wrong' host the whole time, but still the actual response contains the right url.
from expose.
@danydev did you ever figure out a workaround for this? I love the look of Expose but also using Traefik
from expose.
If I recall correctly, in order for systems such as Laravel, Rails, or reverse proxies etc. to pick this up correctly, it's not only X-Forwarded-Host
that should be added, but also X-Forwarded-For
and X-Forwarded-Proto
. Might as well also add the Forwarded
header.
from expose.
Just as an update for my previous post. Now it all works perfectly. Key was to make sure original URL is passed correctly to application server. So I would not call this a bug, but just thing that might be worth document a bit better.
Resolution will be up to you setup, how it worked out for me.
First I had to make sure Pomerium route has preserve_host_header = true. Depending on source my app will receive requested host from header as host or X-Original-Host. Then it was just a matter of selecting correct host and pass it over to fastcgi.map $http_x_original_host $my_real_host { default $http_x_original_host; '' $http_host; } . . . fastcgi_param SERVER_NAME $my_real_host; fastcgi_param HTTP_HOST $my_real_host;
So now my application will receive host used for original request and it will generate correct URLs depending where requests are coming from and I do not have to modify my application source code at all. Hope this helps somebody to with similar problems.
Very goooood! Thank you! π
from expose.
I'm not sure it's good to close the issue here. While we can actually fiddle with webserver\proxy parameters to get it right, ngrok doesn't need to do it in order to give the same functionality.
from expose.
@danydev I thought that this issue was fixed by now.
Are you still experiencing this issue?
If you do, I would highly appreciate an easy-to-reproduce repository so that I can see how this can be fixed inside of Expose.
from expose.
Yes, it's still happening in 1.5.1. I'll try to create a mini-application in the next week or two, so you can actually reproduce it.
from expose.
Closing this issue because it's old π
from expose.
Related Issues (20)
- Composer plugins have been disabled for safety in this non-interactive session when building Docker image HOT 1
- Recommended specs for self hosted?
- Extra managed regions (e.g. Africa) HOT 1
- Set TCP Port range in Docker
- Client > Configuration page does not work
- Could not connect to the server. Connection to tls://us-1.sharedwithexpose.com:443 failed during TLS handshake: SSL operation failed with code 1. OpenSSL Error messages: error:1408F10B:SSL routines:ssl3_get_record:wrong version number HOT 7
- Asset URLs Contain Incorrect Port in Laravel Sail Environment with Expose Reverse Proxy HOT 1
- Docker
- Could not connect to server error:80000002 HOT 5
- Could not connect to the server. - 502 Bad Gateway HOT 2
- Carbon\Carbon::setLastErrors(): Argument #1 ($lastErrors) must be of type array, bool given HOT 1
- Docs don't reflect renaming 'auth' argument to 'basicAuth'
- Auto restarting after disconnect HOT 1
- Authentication failed HOT 6
- Authentication Error on Pro License HOT 6
- Could not connect to the server.
- OpenSSL certificate verify failed HOT 4
- [Bug]: expose command not found HOT 1
- OpenSSL Error: wrong version number HOT 13
- [Bug]: Website documentation images broken
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from expose.