nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Platform/pm 2138/add nginx to known proxies (#3012)

Browse Source 
* Add nginx to known proxies

* Only add nginx proxy if standard self host deployment

* Style changes

* Add forwarded headers config to events server

* Add known proxy forwarding to missing services

* Catch DNS errors in adding nginx proxy

* Update src/SharedWeb/Utilities/ServiceCollectionExtensions.cs

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
This commit is contained in:
Matt Gibson 2023-06-14 09:33:26 -05:00 committed by GitHub
parent 73c721ede3
commit bdd5e0916e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 34 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bitwarden_license/src/Scim/Startup.cs
View File

@ -93,6 +93,12 @@ public class Startup
// Add general security headers // Add general security headers
app.UseMiddleware<SecurityHeadersMiddleware>(); app.UseMiddleware<SecurityHeadersMiddleware>();
// Forwarding Headers
if (globalSettings.SelfHosted)
{
app.UseForwardedHeaders(globalSettings);
}
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
app.UseDeveloperExceptionPage(); app.UseDeveloperExceptionPage();

6
src/Events/Startup.cs
View File

@ -93,6 +93,12 @@ public class Startup
// Add general security headers // Add general security headers
app.UseMiddleware<SecurityHeadersMiddleware>(); app.UseMiddleware<SecurityHeadersMiddleware>();
// Forwarding Headers
if (globalSettings.SelfHosted)
{
app.UseForwardedHeaders(globalSettings);
}
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
app.UseDeveloperExceptionPage(); app.UseDeveloperExceptionPage();

6
src/Icons/Startup.cs
View File

@ -55,6 +55,12 @@ public class Startup
// Add general security headers // Add general security headers
app.UseMiddleware<SecurityHeadersMiddleware>(); app.UseMiddleware<SecurityHeadersMiddleware>();
// Forwarding Headers
if (globalSettings.SelfHosted)
{
app.UseForwardedHeaders(globalSettings);
}
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
app.UseDeveloperExceptionPage(); app.UseDeveloperExceptionPage();

6
src/Notifications/Startup.cs
View File

@ -90,6 +90,12 @@ public class Startup
// Add general security headers // Add general security headers
app.UseMiddleware<SecurityHeadersMiddleware>(); app.UseMiddleware<SecurityHeadersMiddleware>();
// Forwarding Headers
if (globalSettings.SelfHosted)
{
app.UseForwardedHeaders(globalSettings);
}
if (env.IsDevelopment()) if (env.IsDevelopment())
{ {
app.UseDeveloperExceptionPage(); app.UseDeveloperExceptionPage();

13
src/SharedWeb/Utilities/ServiceCollectionExtensions.cs
View File

@ -540,10 +540,17 @@ public static class ServiceCollectionExtensions
if (!globalSettings.UnifiedDeployment) if (!globalSettings.UnifiedDeployment)
{ {
// Trust the X-Forwarded-Host header of the nginx docker container // Trust the X-Forwarded-Host header of the nginx docker container
var nginxIp = Dns.GetHostEntry("nginx").AddressList.FirstOrDefault(); try
if (nginxIp != null)
{ {
options.KnownProxies.Add(nginxIp); var nginxIp = Dns.GetHostEntry("nginx")?.AddressList.FirstOrDefault();
if (nginxIp != null)
{
options.KnownProxies.Add(nginxIp);
}
}
catch
{
// Ignore DNS errors
} }
} }