From e43b1f71fa4e443d15f40b7e2579b19cc4a50459 Mon Sep 17 00:00:00 2001 From: hassanselim0 Date: Fri, 1 Jan 2021 17:07:00 +0200 Subject: [PATCH] fix(headers): don't proxy `x-forwarded-host` #456 This it to avoid reverse-proxy loops. Updated docs to reflect new defaults and explain the purpose of that new default. --- docs/content/en/options.md | 8 ++++---- lib/module.js | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/content/en/options.md b/docs/content/en/options.md index c5b3f5c..e865f07 100644 --- a/docs/content/en/options.md +++ b/docs/content/en/options.md @@ -166,13 +166,13 @@ In SSR context, this options sets client requests headers as default headers for This is useful for making requests which need cookie based auth on server side. This also helps making consistent requests in both SSR and Client Side code. -> **NOTE:** If you are directing requests to an url that is protected by CloudFlare's CDN you should set this to `false` in order to prevent CloudFlare from mistakenly detecting a reverse proxy loop and returning a 403 error. - ## `proxyHeadersIgnore` -* Default `['host', 'accept', 'cf-ray', 'cf-connecting-ip', 'content-length']` +* Default `['accept', 'host', 'x-forwarded-host', 'cf-ray', 'cf-connecting-ip', 'content-length', 'content-md5', 'content-type']` + +This is useful and effective only when `proxyHeaders` is set to true. It removes unwanted requests headers to the API backend in SSR. -This is useful and efficient only when `proxyHeaders` is set to true. Removes unwanted requests headers to the API backend in SSR. +Ignoring the headers `x-forwarded-host`, `cf-ray`, and `cf-connecting-ip` is necessary to avoid confusing reverse proxies (including CloudFlare) and avoid causing proxy loops. ## `headers` diff --git a/lib/module.js b/lib/module.js index 2317012..f898e37 100755 --- a/lib/module.js +++ b/lib/module.js @@ -64,7 +64,7 @@ function axiosModule (_moduleOptions) { debug: false, progress: true, proxyHeaders: true, - proxyHeadersIgnore: ['accept', 'host', 'cf-ray', 'cf-connecting-ip', 'content-length', 'content-md5', 'content-type'], + proxyHeadersIgnore: ['accept', 'host', 'x-forwarded-host', 'cf-ray', 'cf-connecting-ip', 'content-length', 'content-md5', 'content-type'], proxy: false, retry: false, https,