Use HTTP_X_FORWARDED_PROTO header from reverse proxy to rewrite https:// for SAML request URLs

This commit is contained in:
pixelrebel 2022-05-19 19:00:38 -07:00
parent 9221d58a1b
commit e4c8c3892f

View File

@ -72,8 +72,9 @@ class SAML(object):
def prepare_flask_request(self, request): def prepare_flask_request(self, request):
# If server is behind proxys or balancers use the HTTP_X_FORWARDED fields # If server is behind proxys or balancers use the HTTP_X_FORWARDED fields
url_data = urlparse(request.url) url_data = urlparse(request.url)
proto = request.headers.get('HTTP_X_FORWARDED_PROTO', request.scheme)
return { return {
'https': 'on' if request.scheme == 'https' else 'off', 'https': 'on' if proto == 'https' else 'off',
'http_host': request.host, 'http_host': request.host,
'server_port': url_data.port, 'server_port': url_data.port,
'script_name': request.path, 'script_name': request.path,