| From: | Murtuza Zabuawala <murtuza(dot)zabuawala(at)enterprisedb(dot)com> |
|---|---|
| To: | Albert Serrallé <albert(dot)serralle(at)adevinta(dot)com> |
| Cc: | "pgadmin-support lists(dot)postgresql(dot)org" <pgadmin-support(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Bad Cookies with reverse proxy |
| Date: | 2019-09-04 11:29:34 |
| Message-ID: | CAKKotZSxtyXS5OcbqQ-FhPEGFuMU7HUkzjLWegZTmw62aGDqUg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support |
Hi,
If you are using latest version then could you please try setting
ENHANCED_COOKIE_PROTECTION
= False in your config_local.py file?
We have recently added this config parameter for similar kind of issue.
Ref: https://redmine.postgresql.org/issues/4566
--
Regards,
Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
On Wed, Sep 4, 2019 at 4:33 PM Albert Serrallé <albert(dot)serralle(at)adevinta(dot)com>
wrote:
> Hello,
>
> I've been trying to setup a pgadmin on Kubernetes behind an nginx ingress
> that handles the TLS termination. I cannot modify the configuration of that
> ingress, so I've deployed an additional nginx to handle the reverse proxy
> config for pgadmin:
>
> nginx ingress (tls termination) -> nginx -> pgadmin
>
> The config of my reverse proxy is:
>
> upstream http_backend {
> server localhost:8080;
> keepalive 16;
> }
>
> server {
> listen 5050;
> server_name _;
>
> location / {
> proxy_set_header X-Scheme https;
> proxy_set_header X-Forwarded-Proto https;
> proxy_set_header X-Forwarded-Port 443;
> proxy_set_header X-Original-Forwarded-For "";
> proxy_set_header Host $host;
>
> proxy_pass http://http_backend/;
> proxy_redirect off;
>
> proxy_http_version 1.1;
> proxy_set_header Connection "";
> }
> }
>
> It works, all the Location headers are good, the problem is that the
> returned Cookies are not valid. If I curl the root of the server, and then
> save the returned cookie and use it again on a subsequent request, a new
> cookie is issued instead of keepking the previous one (so I guess the
> server doesn't like it).
>
> The outcome is that in a browser there's an infinite loop of redirects,
> trying to get a good cookie with no success.
>
> I've been looking this thread:
> https://www.postgresql.org/message-id/flat/5d14f954.1c69fb81.e188f.9c5b%40mx.google.com
> but the config used by them is already in my config, my redirects are good,
> but the cookies still are bad.
>
> I was thinking: what can make a pgadmin server discard a cooke?
>
> Thanks.
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Albert Serrallé | 2019-09-04 11:57:23 | Re: Bad Cookies with reverse proxy |
| Previous Message | Albert Serrallé | 2019-09-04 11:03:23 | Bad Cookies with reverse proxy |