-
Bug
-
Resolution: Unresolved
-
Minor
-
Docker image jenkins/jenkins:2.73.3-alpine
Docker image nginx:1.13.6-alpine
docker-compose version 1.16.1
Environment
docker-compose.yml
version: '3.3'
services:
jenkins:
image: jenkins/jenkins:2.73.3-alpine
expose:
- '8080'
nginx:
image: nginx:1.13.6-alpine
ports:
- '20080:80'
links:
- jenkins
volumes:
- ./nginx.conf:/etc/nginx/nginx.conf:ro
nginx.conf
events {
}
http {
resolver 127.0.0.11 ipv6=off;
server {
listen 80;
location / {
set $jenkins http://jenkins:8080;
proxy_pass $jenkins;
proxy_redirect $jenkins/ /;
proxy_set_header Host $http_host;
proxy_set_header Connection close;
# Forwarded header: https://tools.ietf.org/html/rfc7239
proxy_set_header Forwarded "by=$server_addr:$server_port;for=$remote_addr:$remote_port;host=$http_host:$server_port;proto=$scheme";
# Non standard headers
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
}
}
Steps to reproduce
docker-compose up
- Open browser to <DOCKER_HOST_IP>:20080
- Open browser developer tools / Network trace
- At prompt, input password as seen in step #1
- Observe browser error message. In browser network trace, observe redirection with invalid URL
Server: nginx/1.13.6 Date: Fri, 17 Nov 2017 16:24:21 GMT Transfer-Encoding: chunked Connection: keep-alive X-Content-Type-Options: nosniff Set-Cookie: JSESSIONID.9c89714d=node010jvw2q04kspp1kvf4zgxgpif81.node0;Path=/;HttpOnly Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: http://[localhost:20080]/
Expected: (Jenkins 2.60.3)
Location: http://localhost:20080/
Workaround
Have reverse-proxy not implement RFC 7239 Forwarded header and use non standard headers instead.
