Should Callback respect X-Forwarded-Prefix headers from reverse proxy? #157
Description
Could totally be my own inexperience here, but I'm running into redirect issues from my IDP and I think it's because of this line.
My nginx config has an app running on http://127.0.0.1:8050 being accessed through location /my-app1/. So I pass a proxy_set_header X-Forwarded-Prefix /my-app1.
All the auth stuff works out, however the final redirect pushes me to <my-domain> instead of <my-domain>/my-app1 like I would expect. I believe this is because I am not setting url_base_pathname in Dash to be /my-app1/, rather I am only setting requests_pathname_prefix to that value. The reason there being ... unclear .. but I find things only work when setting requests_pathname_prefix vs url_base_pathname
I'm also using a ProxyFix, which is forwarding on that Prefix header, but I am not familiar enough with Flask internals to know where / when it is applied (if at all).
app.server.wsgi_app = ProxyFix( app.server.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1 )
Either way, if I patch
return redirect(self.app.config.get("url_base_pathname") or "/")
to effectively be
return redirect(request.headers.get("X-Forwarded-Prefix") or self.app.config.get("url_base_pathname") or "/")
Everything appears to redirect as intended. So I'm wondering if that header needs to be captured in this return statement.
It's no doubt a bit confusing when you have nginx waitress flask and dash all in line trying to be helpful!