PHPFixing
  • Privacy Policy
  • TOS
  • Ask Question
  • Contact Us
  • Home
  • PHP
  • Programming
  • SQL Injection
  • Web3.0

Thursday, September 1, 2022

[FIXED] How do I get the proxy scheme inside a Flask app?

 September 01, 2022     flask, nginx-reverse-proxy, python     No comments   

Issue

I have a Flask application that is running behind an NGINX reverse proxy. In one of my functions I need to construct a URL to a different service and I wish to match the HTTP scheme to whatever the NGINX entry scheme is. So if NGINX is reverse proxying an https request, I'd like to generate a url like https://my_other_service. But if NGINX reverse proxies an http I'd like it to be http://my_other_service.

The flask.url_for function is able to automatically determine the proxy scheme when I use it for endpoints in the same app so I figure this must be possible, but in my case the url I'm generating is not an endpoint in the current Flask app.

How can I determine the proxy scheme inside a flask app?


Solution

As described on this question, you can directly tell url_for to use a specific scheme when generating a URL:

url_for('secure_thingy',
        _external=True,
        _scheme='https',
        viewarg1=1, ...)

The problem, of course, is that you don't necessarily know whether the URL should be https or not. If it's running behind Nginx in production, it must be https. If it's running on localhost for local development, perhaps https wouldn't work.

One solution would be to just have a configuration setting for your app on what scheme to use. In your development environment, it would be set to http. In your production environment, you'd use https. That's what I would do.

An alternative is to tell Nginx to pass along a special header which you could then use to alter the scheme.

There are instructions on adding headers on the Nginx site, so here's an example:

location /some/path/ {
    proxy_set_header X-Force-Https "yes";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_pass http://localhost:8000;
}

Then in your Flask code, only pass _scheme='https' to url_for if request.headers.get('X-Force-Https', None) == 'yes'.

That's a more automatic solution, but will require you to modify your production web server environment.



Answered By - Ken Kinder
Answer Checked By - Marie Seifert (PHPFixing Admin)
  • Share This:  
  •  Facebook
  •  Twitter
  •  Stumble
  •  Digg
Newer Post Older Post Home

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

Copyright © PHPFixing