ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Gitbridge unable to handle X-Forwarded Headers

book

Article ID: 213086

calendar_today

Updated On:

Products

Endevor Software Change Manager (SCM)

Issue/Introduction

Gitbridge seems to be unable to handle X-Forward Headers that allow it to run behind a proxy for ssl offloading and github authentication.
Setting the "ProxyPreserveHost On" corrects the domain name that gitbridge thinks it's running on. However, gitbridge changes the protocol from https, to http.
Further editing the location header to change the response's query to https lets github authenticate, but gitbrige then complains that the JWT token isn't valid. Likely because the protocols don't match what gitbridge originally sent.
 
 
Example apache configuration:
<VirtualHost *:80>
ServerName gitbridge.bcbssc.com
RequestHeader set Host gitbridge.bcbssc.com
RequestHeader set X-Forwarded-Port 443
RequestHeader set X-Forwarded-Proto https
ProxyPreserveHost On
 
Header edit Location http://gitbridge.bcbssc.com/ https://gitbridge.bcbssc.com/
 
ProxyPass / http://ndvr-git-bridge:8081/ disablereuse=On
ProxyPassReverse / http://ndvr-git-bridge:8081/
ProxyPassReverseCookiePath / /
 
</VirtualHost>

Environment

Release : 18.0

Component : BRIDGE FOR GIT 2.6.3

Resolution

X-Forwarded Headers can be accepted by gitbridge after upgrade to Bridge for Git 2.7.0