Reverse-proxy issues #182
Comments
|
I have found the origin of this issue. It is directly linked with session parameters which are set up in the functions_general.inc.php file. (path : ./ona/www/include/functions_general.inc.php). if(PHP_VERSION_ID < 70300) {
session_set_cookie_params($conf['cookie_life'], '/; samesite=Strict', NULL, $secure, true);
} else {
session_set_cookie_params([
'lifetime' => $conf['cookie_life'],
'path' => '/',
'domain' => $_SERVER['SERVER_NAME'],
'secure' => $secure,
'httponly' => true,
'samesite' => 'Strict'
]);
}You are using the $_SERVER['SERVER_NAME'] superglobal variable and it always returns the server URL even if you're requesting from the reverse-proxy URL. So I have remplaced it with $_SERVER['HTTP_HOST'] that returns the domain name that appears in the HTTP Request Header and now it works pretty well ! if(PHP_VERSION_ID < 70300) {
session_set_cookie_params($conf['cookie_life'], '/; samesite=Strict', NULL, $secure, true);
} else {
session_set_cookie_params([
'lifetime' => $conf['cookie_life'],
'path' => '/',
'domain' => $_SERVER['HTTP_HOST'],
'secure' => $secure,
'httponly' => true,
'samesite' => 'Strict'
]);
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
I have some trouble with trying to use reverse-proxy with OpenNetAdmin. It seems like I cannot use this software like that.
More precisely, when I am using the reverse-proxy URL, I can't connect with a LDAP account, and admin account doesn't have any permissions. Moreover, I cannot see the data (VLAN_campus, VLAN, subnets, etc.).
It would come from the Response Cookie that the server formulates.
To me, it is linked with this lines :
in the ona/www/include/functions_general.inc.php file.
What are your opinions about that ?
The text was updated successfully, but these errors were encountered: