Problem with Reverse Proxy + Form Based Authentication

Post any problems / bugs / issues that are Mylar-related in here.
Post Reply
errorik
Posts: 5
Joined: Mon Apr 08, 2019 3:25 pm

Problem with Reverse Proxy + Form Based Authentication

Post by errorik »

When using reverse proxy setup (Apache + Let's Encrypt SSL) and Mylar's Form Based Authentication the redirect following a successful login (and other authentication check based redirects that direct you to the login screen) forces the browser from HTTPS to HTTP.

Mylar redirects to the following location: http://[host]:[port][http_root] (example: http://127.0.0.1:8090/mylar)
Mylar should instead using a relative redirect as such: [http_root] (example: /mylar)

Compare the follow two screen shots of the HTTP Headers response between Mylar and Sonarr both with similar settings enabled for Reverse Proxy support:

Mylar
Image

Sonarr
Image

Sonarr's "location" header does not include the protocol/host/port.
errorik
Posts: 5
Joined: Mon Apr 08, 2019 3:25 pm

Re: Problem with Reverse Proxy + Form Based Authentication

Post by errorik »

I think my issue is a duplicate (or at least related) of what was being reported here: https://github.com/evilhero/mylar/issues/2037

I do not think that Apache has a similar command as nginx "proxy_redirect http:// https://;" to fix the issue, but it does have a mod_headers module which allows you to essentially accomplish the same thing.

Code: Select all

#Mylar
    ProxyPass /mylar/ http://10.10.10.90:8090/mylar/
    ProxyPassReverse /mylar/ http://10.10.10.90:8090/mylar/
#Remove Proto+Domain from Location Header
    Header edit Location "(^http[s]?://)([a-zA-Z0-9\.\-]+)" ""
Adding the "Header edit Location" line fixed my issue. Hope this helps someone else.
Post Reply