From f33b6de157423ba9ce5778167e8e8a31e2d06b19 Mon Sep 17 00:00:00 2001 From: Chongyi Zheng Date: Thu, 30 Jun 2022 20:49:48 -0400 Subject: [PATCH 1/5] Support X-Forwarded-Host header --- server/uptime-kuma-server.js | 1 + 1 file changed, 1 insertion(+) diff --git a/server/uptime-kuma-server.js b/server/uptime-kuma-server.js index 605ba533..991c7ba2 100644 --- a/server/uptime-kuma-server.js +++ b/server/uptime-kuma-server.js @@ -49,6 +49,7 @@ class UptimeKumaServer { log.info("server", "Creating express and socket.io instance"); this.app = express(); + this.app.enable("trust proxy"); if (sslKey && sslCert) { log.info("server", "Server Type: HTTPS"); From 6ce012c9a141213044522e5d1826c90bcd741adb Mon Sep 17 00:00:00 2001 From: Chongyi Zheng Date: Tue, 12 Jul 2022 22:45:54 -0400 Subject: [PATCH 2/5] Add trust proxy checkbox in Settings page --- src/components/settings/ReverseProxy.vue | 47 ++++++++++++++++++++++++ src/languages/en.js | 4 ++ src/pages/Settings.vue | 4 ++ 3 files changed, 55 insertions(+) diff --git a/src/components/settings/ReverseProxy.vue b/src/components/settings/ReverseProxy.vue index 616b0996..85046cc2 100644 --- a/src/components/settings/ReverseProxy.vue +++ b/src/components/settings/ReverseProxy.vue @@ -91,6 +91,47 @@ {{ $t("For example: nginx, Apache and Traefik.") }}
{{ $t("Please read") }} https://github.com/louislam/uptime-kuma/wiki/Reverse-Proxy. + +

{{ $t("HTTP Headers") }}

+
+ +
+ + +
+
+ + +
+
+ +
+ +
@@ -113,6 +154,12 @@ export default { settings() { return this.$parent.$parent.$parent.settings; }, + saveSettings() { + return this.$parent.$parent.$parent.saveSettings; + }, + settingsLoaded() { + return this.$parent.$parent.$parent.settingsLoaded; + }, }, watch: { diff --git a/src/languages/en.js b/src/languages/en.js index 9aeedd9d..3c3cdff4 100644 --- a/src/languages/en.js +++ b/src/languages/en.js @@ -453,6 +453,10 @@ export default { "Message:": "Message:", "Don't know how to get the token? Please read the guide:": "Don't know how to get the token? Please read the guide:", "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.": "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.", + "HTTP Headers": "HTTP Headers", + "Trust Proxy": "Trust Proxy", + "Trust 'X-Forwarded-*' headers": "Trust 'X-Forwarded-*' headers", + "Don't trust 'X-Forwarded-*' headers": "Don't trust 'X-Forwarded-*' headers", "Other Software": "Other Software", "For example: nginx, Apache and Traefik.": "For example: nginx, Apache and Traefik.", "Please read": "Please read", diff --git a/src/pages/Settings.vue b/src/pages/Settings.vue index 03eb09e9..e1013789 100644 --- a/src/pages/Settings.vue +++ b/src/pages/Settings.vue @@ -153,6 +153,10 @@ export default { this.settings.tlsExpiryNotifyDays = [ 7, 14, 21 ]; } + if (this.settings.trustProxy === undefined) { + this.settings.trustProxy = false; + } + this.settingsLoaded = true; }); }, From 3fa5dfc87340ffec34d830a4e906f399845e33d6 Mon Sep 17 00:00:00 2001 From: Chongyi Zheng Date: Tue, 12 Jul 2022 22:59:23 -0400 Subject: [PATCH 3/5] Use x-forwarded-host only when trustProxy is true --- server/server.js | 14 +++++++++++--- server/uptime-kuma-server.js | 2 -- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/server/server.js b/server/server.js index 2d3f37ee..0c08da07 100644 --- a/server/server.js +++ b/server/server.js @@ -164,12 +164,20 @@ let needSetup = false; // Entry Page app.get("/", async (request, response) => { - log.debug("entry", `Request Domain: ${request.hostname}`); + let hostname = request.hostname; + if (await setting("trustProxy")) { + const proxy = request.headers["x-forwarded-host"]; + if (proxy) { + hostname = proxy; + } + } + + log.debug("entry", `Request Domain: ${hostname}`); - if (request.hostname in StatusPage.domainMappingList) { + if (hostname in StatusPage.domainMappingList) { log.debug("entry", "This is a status page domain"); - let slug = StatusPage.domainMappingList[request.hostname]; + let slug = StatusPage.domainMappingList[hostname]; await StatusPage.handleStatusPageResponse(response, server.indexHTML, slug); } else if (exports.entryPage && exports.entryPage.startsWith("statusPage-")) { diff --git a/server/uptime-kuma-server.js b/server/uptime-kuma-server.js index 991c7ba2..34031b23 100644 --- a/server/uptime-kuma-server.js +++ b/server/uptime-kuma-server.js @@ -49,8 +49,6 @@ class UptimeKumaServer { log.info("server", "Creating express and socket.io instance"); this.app = express(); - this.app.enable("trust proxy"); - if (sslKey && sslCert) { log.info("server", "Server Type: HTTPS"); this.httpServer = https.createServer({ From 16d6885a88aec8fff716c4b0577ce59bb3f7305a Mon Sep 17 00:00:00 2001 From: Louis Lam Date: Sun, 31 Jul 2022 18:11:40 +0800 Subject: [PATCH 4/5] Fix radio button and add description --- src/components/settings/ReverseProxy.vue | 12 ++++++++---- src/languages/en.js | 1 + 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/src/components/settings/ReverseProxy.vue b/src/components/settings/ReverseProxy.vue index 85046cc2..0fab7629 100644 --- a/src/components/settings/ReverseProxy.vue +++ b/src/components/settings/ReverseProxy.vue @@ -103,12 +103,12 @@ v-model="settings.trustProxy" class="form-check-input" type="radio" - name="flexRadioDefault" + name="trustProxyYes" :value="true" required />
@@ -121,10 +121,14 @@ :value="false" required /> -
+ +
+ {{ $t("trustProxyDescription") }} +
diff --git a/src/languages/en.js b/src/languages/en.js index 3c3cdff4..2d66154d 100644 --- a/src/languages/en.js +++ b/src/languages/en.js @@ -540,4 +540,5 @@ export default { "Domain": "Domain", "Workstation": "Workstation", disableCloudflaredNoAuthMsg: "You are in No Auth mode, password is not require.", + trustProxyDescription: "Trust 'X-Forwarded-*' headers. If you want to get the correct client IP and your Uptime Kuma is behind such as Nginx or Apache, you should enable this.", }; From a0843745f977b6a11ffcff426e2efa78ebe6be97 Mon Sep 17 00:00:00 2001 From: Louis Lam Date: Sun, 31 Jul 2022 18:12:41 +0800 Subject: [PATCH 5/5] Remove unused language key --- src/languages/en.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/languages/en.js b/src/languages/en.js index 2d66154d..9f20cd5d 100644 --- a/src/languages/en.js +++ b/src/languages/en.js @@ -455,8 +455,6 @@ export default { "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.": "The current connection may be lost if you are currently connecting via Cloudflare Tunnel. Are you sure want to stop it? Type your current password to confirm it.", "HTTP Headers": "HTTP Headers", "Trust Proxy": "Trust Proxy", - "Trust 'X-Forwarded-*' headers": "Trust 'X-Forwarded-*' headers", - "Don't trust 'X-Forwarded-*' headers": "Don't trust 'X-Forwarded-*' headers", "Other Software": "Other Software", "For example: nginx, Apache and Traefik.": "For example: nginx, Apache and Traefik.", "Please read": "Please read",