verdaccio: [V5] Verdaccio is not working behind http2 proxy

Describe the bug

Verdaccio v5 is not detecting headers passed from reverse proxy, I think it’s because of http2 is lowercasing all headers

log

{
  "level": 25,
  "time": 1619156769309,
  "pid": 7,
  "hostname": "verdaccio-5bdb8cd95f-6d78j",
  "req":
  {
    "method": "GET",
    "url": "/",
    "query": {},
    "params": {},
    "headers":
    {
      "host": "npm.domain.com",
      "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.128 Safari/537.36",
      "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
      "accept-encoding": "gzip, deflate, br",
      "accept-language": "en-US,en;q=0.9,de;q=0.8",
      "cache-control": "no-cache",
      "pragma": "no-cache",
      "sec-ch-ua": "\"Google Chrome\";v=\"89\", \"Chromium\";v=\"89\", \";Not A Brand\";v=\"99\"",
      "sec-ch-ua-mobile": "?0",
      "sec-fetch-dest": "document",
      "sec-fetch-mode": "navigate",
      "sec-fetch-site": "none",
      "sec-fetch-user": "?1",
      "upgrade-insecure-requests": "1",
      "x-forwarded-for": "172.30.2.20",
      "x-forwarded-host": "npm.domain.com",
      "x-forwarded-port": "443",
      "x-forwarded-proto": "https",
      "x-forwarded-server": "internal-traefik-6d4789455-hnklc",
      "x-real-ip": "172.30.2.20"
    },
    "remoteAddress": "10.42.235.33",
    "remotePort": 38724
  },
  "ip": "10.42.235.33",
  "msg": "@{ip} requested '@{req.method} @{req.url}'"
}

Woraround: override VERDACCIO_PUBLIC_URL

To Reproduce

running verdaccio behind traefik reverse proxy, which is terminating https (http2) connection.

Expected behavior

Verdaccio should detect lowercase reverse proxy headers.

Screenshots

Configuration File (cat ~/.config/verdaccio/config.yaml)

Environment information

Debugging output

$ NODE_DEBUG=request verdaccio display request calls (verdaccio <–> uplinks)
$ DEBUG=express:* verdaccio enable extreme verdaccio debug mode (verdaccio api)
$ npm -ddd prints:
$ npm config get registry prints:

About this issue

Original URL
State: closed
Created 3 years ago
Reactions: 1
Comments: 24 (6 by maintainers)

Commits related to this issue

fix: improve get headers from request #2190 — committed to verdaccio/verdaccio by juanpicado 3 years ago
fix: improve get headers from request #2190 (#2271) * fix: improve request header handling * chore: fix test * chore: apply suggestion — committed to verdaccio/verdaccio by juanpicado 3 years ago

Most upvoted comments

@FStefanni better to provide a simple docker-compose.yml with minimal config. For testing the default traefik generated cert would be enough. Traefik dashboard is not needed for testing, but a local host alias for a custom domain will help

viceice on May 6, 2021

Hi,

just to confirm that verdaccio:5.1.0 works fine behind Traefik. Thank you for the effort.

Regards.

FStefanni on Jun 7, 2021

Sure, but earliest next week. Sorry.

viceice on May 22, 2021

This seems to be an interesting issue to take a crack at, can someone help with traefik configuration to see if I can fix this as I’m unfamiliar with this proxy. Surely it will help the next person if I don’t get a PR going.

qballer on May 5, 2021

Thanks, no hurry, as there is a workaround 🙃

viceice on Apr 23, 2021

Proto was wrong too. It return http ip address urls instead of https and domain. But I saw it detects the original remote ip header.

Did not tested additional env vars.

viceice on Apr 23, 2021