-1

I am running nodejs on heroku. I want to set the following headers

RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
RequestHeader set X-Forwarded-SSL expr=%{HTTPS}

ProxyPass / http://localhost:8001/
ProxyPassReverse / http://localhost:8001/

How can I do so using the nodejs and express code?

I tried the following to set the x-forwarded-proto header

app.use(function(req, res, next) {
    res.setHeader("X-Forwarded-Proto", // something here);
    res.setHeader("X-Forwarded-SSL", // something here);

    next();
});

I'm j

but I can't seen to set the x-forwarded-ssl header like the example above

Chris Hansen
  • 7,813
  • 15
  • 81
  • 165
  • Are you using Express? The http module? Did you read the relevant docs on headers? – jonrsharpe Feb 18 '22 at 12:58
  • Yes I'm using express. I read the relevant docs, but I don't know how to send the headers like the example above. Can you please help me? – Chris Hansen Feb 18 '22 at 13:05
  • Please give a [mre] to illustrate what you tried. – jonrsharpe Feb 18 '22 at 13:09
  • See question. I updated it – Chris Hansen Feb 18 '22 at 13:13
  • You don't seem to be _trying_ to set any headers. You read one request header, but where do you think you _write_ any response headers? What did you expect to happen? – jonrsharpe Feb 18 '22 at 13:14
  • Oh sorry, I pasted the wrong code. To set a header, I can use response.setHeader("Content-Type", "text/html");, but I don't know how to do. this to make it look like the apache settings above – Chris Hansen Feb 18 '22 at 13:19
  • Please be more specific about the problem. Is it that you don't actually _know_ what the value should be? Did you look at e.g. https://httpd.apache.org/docs/2.4/expr.html to find out what the variables are? – jonrsharpe Feb 18 '22 at 13:23
  • I'm trying to solve this problem https://stackoverflow.com/questions/71145818/unable-to-verify-authorization-state-on-heroku. I link to a possible solution on that page. The solution says to set the apache headers like I did above. I'm trying to set the X-Forwarded-SSL so it mimics the headers I referred to above, but I don't know how. – Chris Hansen Feb 18 '22 at 13:27
  • @jonrsharpe please help me. I'm begging you. My app is losing users because of this problem. I don't know what to do. – Chris Hansen Feb 18 '22 at 13:31
  • It's still not clear what exactly your problem _is_. You haven't answered the direct question I posed above, your question doesn't include any of the context and there's a sentence that just stops part-way through. You have a fair amount of experience/rep/questions here, it shouldn't be so much effort to get the basics of [ask]. _Help us help you._ – jonrsharpe Feb 18 '22 at 13:33
  • Hi @jonrsharpe I'm running an app on heroku with nodejs/express. I'm unable to log the user in using google, facebook and linkedin. I'm using passport js to log the user in. I was told that the issue is with my apache configuraton. That I have to set the X-Forwarded-SSL and X-Forwarded-Proto headers like the way I showed in my question. The problem is that heroku doesn't do Apache headers. I have to set these headers in the code. I don't know how to do so the way I showed in the example above. Can you please help me? – Chris Hansen Feb 18 '22 at 13:49
  • @jonrsharpe does that provide you enough context? – Chris Hansen Feb 18 '22 at 14:03

1 Answers1

-1

You need to do a

res.send(data)

at some point.

N S Niko
  • 77
  • 2