TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-21 09:52:06 +03:00
Code Issues Projects Releases Wiki Activity
9018e64493
Ghost/core/server/web/parent-app.js
Kevin Ansfield 7284227f1e
🐛 Fixed 404s when using a proxy setup (#11269) 
no issue

When using certain proxy setups that result in `host` and `x-forwarded-host` being different, it became impossible to access Ghost because all routes showed generic 404 pages.

- `vhost` module that we are using to separate front-end and admin urls does not use express' `req.hostname` so it does not pick up the `x-forwarded-host` url that express' `'trust proxy'` config gives us
- switched to the forked `@tryghost/vhost-middleware` package which has a one-line change to use `req.hostname || req.host`
- added `'trust proxy'` config to the admin express app and switched to using `req.hostname` in our redirect code to avoid infinite redirect loops
2019-10-28 11:22:05 +00:00

89 lines
3.2 KiB
JavaScript
Raw Blame History

const debug = require('ghost-ignition').debug('web:parent');
const express = require('express');
const vhost = require('@tryghost/vhost-middleware');
const config = require('../config');
const compress = require('compression');
const netjet = require('netjet');
const shared = require('./shared');
const escapeRegExp = require('lodash.escaperegexp');
const {URL} = require('url');
const urlUtils = require('../lib/url-utils');
const storage = require('../adapters/storage');
const STATIC_IMAGE_URL_PREFIX = `/${urlUtils.STATIC_IMAGE_URL_PREFIX}`;
module.exports = function setupParentApp(options = {}) {
debug('ParentApp setup start');
const parentApp = express();
// ## Global settings
// Make sure 'req.secure' is valid for proxied requests
// (X-Forwarded-Proto header will be checked, if present)
parentApp.enable('trust proxy');
parentApp.use(shared.middlewares.requestId);
parentApp.use(shared.middlewares.logRequest);
// Register event emmiter on req/res to trigger cache invalidation webhook event
parentApp.use(shared.middlewares.emitEvents);
// enabled gzip compression by default
if (config.get('compress') !== false) {
parentApp.use(compress());
}
// Preload link headers
if (config.get('preloadHeaders')) {
parentApp.use(netjet({
cache: {
max: config.get('preloadHeaders')
}
}));
}
// This sets global res.locals which are needed everywhere
parentApp.use(shared.middlewares.ghostLocals);
// Mount the apps on the parentApp
const adminHost = config.get('admin:url') ? (new URL(config.get('admin:url')).hostname) : '';
const frontendHost = new URL(config.get('url')).hostname;
const hasSeparateAdmin = adminHost && adminHost !== frontendHost;
// Wrap the admin and API apps into a single express app for use with vhost
const adminApp = express();
adminApp.enable('trust proxy'); // required to respect x-forwarded-proto in admin requests
adminApp.use('/ghost/api', require('./api')());
adminApp.use('/ghost', require('./admin')());
// TODO: remove {admin url}/content/* once we're sure the API is not returning relative asset URLs anywhere
// only register this route if the admin is separate so we're not overriding the {site}/content/* route
if (hasSeparateAdmin) {
adminApp.use(
STATIC_IMAGE_URL_PREFIX,
[
shared.middlewares.image.handleImageSizes,
storage.getStorage().serve(),
shared.middlewares.errorHandler.handleThemeResponse
]
);
}
// ADMIN + API
// with a separate admin url only serve on that host, otherwise serve on all hosts
const adminVhostArg = hasSeparateAdmin && adminHost ? adminHost : /.*/;
parentApp.use(vhost(adminVhostArg, adminApp));
// BLOG
// with a separate admin url we adjust the frontend vhost to exclude requests to that host, otherwise serve on all hosts
const frontendVhostArg = (hasSeparateAdmin && adminHost) ?
new RegExp(`^(?!${escapeRegExp(adminHost)}).*`) : /.*/;
parentApp.use(vhost(frontendVhostArg, require('./site')(options)));
debug('ParentApp setup end');
return parentApp;
};
Reference in New Issue View Git Blame Copy Permalink