feat(start): set host header in proxied requests to match remote API hosts #578
Conversation
…hosts Changes the host header from localhost to the remote API host, permitting a host match to be found against the remote host's certificate.
danwatford
requested review from
manekinekko,
sgollapudi77 and
sulabh-msft
as code owners
| @@ -70,6 +70,8 @@ export function handleFunctionRequest(req: http.IncomingMessage, res: http.Serve | |||
| res, | |||
| { | |||
| target, | |||
| // Set the host header to match the remote API host. | |||
| changeOrigin: true, | |||
There was a problem hiding this comment.
Have you tried the local auth emulation with this option? I just want to make sure this option doesn't affect the cookies that are created locally. I don't think we set the domain in the cookie but just in case.
There was a problem hiding this comment.
No, I've not tested that case. If no one else if able to, I'll do so, but it will be a few days before I get a chance to work on swa-cli again.
There was a problem hiding this comment.
This has now been tested and found to be working correctly with the SWA CLI's authentication emulation. Test approach is described here - https://watfordconsulting.com/2022/10/05/access-the-azure-static-web-apps-clientprincipal/
Tested by running the auth-echo Azure Function both locally and remotely in a GitHub Codespace.
|
Please approve this, it's blocking for many. Thanks you! |
Changes the host header from localhost to the remote API host, permitting a host match to be found against the remote host's certificate.
Relates to #523