Message Title

Tom Weise created an issue

Issue Type:	Bug
Affects Versions:	15.9
Assignee:	Unassigned
Created:	24/Nov/23 10:49
Environment:	using the XJetty .DEB Package of XWiki 15.9 on an Debian 12 System
Labels:	XJetty Forwarded https
Priority:	Major
Reporter:	Tom Weise

When enabling https in the reverse proxy (I tried nginx and apache) on an .DEB XJetty installation of 15.9 the following issues occour:

"failed to lock page" when trying to edit a page or "failed to retrieve extension data.Server not responding" when trying to install an extension.

Many buttons seem to react with http instead of https even though forwarded headers are set in the reverse Proxy. There seems to be no difference between using non-standard X-Forwarded or the RFC 7239 Forwarded headers. XJetty from the Debian package is probably is not listening to these headers.

The issue can be reproduced using the XWiki Apache2 example configuration as base which already include the RFC Forwarded header: Setting up Apache HTTP Server (XWiki.org)

Add Comment

This message was sent by Atlassian Jira