FIX: Update nginx config for v1.23 (#19651)

NGINX v1.23 concatenates duplicate headers into a single comma-separated string. We were doing an equality check on `x-forwarded-proto`. If the request includes multiple `x-forwarded-proto` headers then this check would fail under NGINX v1.23, and our config assumed an `http` connection. This commit updates the config to check for `https` at the end of the header, thereby restoring the old behavior when multiple `x-forwarded-proto` request headers are sent.
2022-12-30 12:35:26 +00:00 · 2022-12-30 12:35:26 +00:00 · 584a6e3552
parent eebe2f256c
commit 584a6e3552
1 changed files with 1 additions and 1 deletions
--- a/config/nginx.sample.conf
+++ b/config/nginx.sample.conf
@ -33,7 +33,7 @@ large_client_header_buffers 4 32k;
 # attempt to preserve the proto, must be in http context
 map $http_x_forwarded_proto $thescheme {
  default $scheme;
-  https https;
+  "~https$" https;
 }

 log_format log_discourse '[$time_local] "$http_host" $remote_addr "$request" "$http_user_agent" "$sent_http_x_discourse_route" $status $bytes_sent "$http_referer" $upstream_response_time $request_time "$upstream_http_x_discourse_username" "$upstream_http_x_discourse_trackview" "$upstream_http_x_queue_time" "$upstream_http_x_redis_calls" "$upstream_http_x_redis_time" "$upstream_http_x_sql_calls" "$upstream_http_x_sql_time"';