Skip to content

fix(prerenderer): configure trust proxy #596

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DeviaVir merged 1 commit into from
Sep 23, 2025
Merged

fix(prerenderer): configure trust proxy #596

DeviaVir merged 1 commit into from
Sep 23, 2025

Conversation

@DeviaVir
Copy link
Contributor

@DeviaVir DeviaVir commented Sep 23, 2025

This should resolve issues with redirecting, e.g. this chain currently happens:
https://blockstream.info/nojs -> http://blockstream.info/nojs -> https://blockstream.info/nojs

Mostly because the server doesn't trust the proxy's X-Forwarded-Proto header.

@DeviaVir DeviaVir requested a review from Copilot September 23, 2025 13:55
@DeviaVir DeviaVir self-assigned this Sep 23, 2025
Copilot AI reviewed Sep 23, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR fixes HTTPS redirection issues in the prerender server by configuring Express to trust proxy headers. The change prevents the problematic redirect chain where HTTPS requests are incorrectly redirected to HTTP and then back to HTTPS.

  • Configures Express to trust the X-Forwarded-Proto header from proxies

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@DeviaVir DeviaVir force-pushed the prerender-trust-proxy branch from b228d76 to 65edd1d Compare September 23, 2025 15:37
@DeviaVir DeviaVir merged commit 950ebf3 into prom-503 Sep 23, 2025
3 checks passed
@DeviaVir DeviaVir deleted the prerender-trust-proxy branch September 23, 2025 16:43
DeviaVir added a commit that referenced this pull request Sep 24, 2025
@DeviaVir
feat(prerenderer): add prom + 503 overload protection (#595)
f1a118c 
* feat(prerenderer): add prom + 503 overload protection

* fix(prerenderer): configure trust proxy to fix http -> https redirects (#596)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@DeviaVir DeviaVir

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@DeviaVir