run-dev: Set HTTP header to show we're proxing from port 9991.

Previously, while Django code that relied on EXTERNAL_HOST and other settings would know the Zulip server is actually on port 9991, the upcoming Django SAML code in python-social-auth would end up detecting a port of 9992 (the one the Django server is actually listening on). We fix this using X-Forwarded-Port.
2019-10-06 21:16:51 -07:00 · 2019-10-06 21:16:51 -07:00 · f8928182cf
parent f25968f0ff
commit f8928182cf
2 changed files with 9 additions and 0 deletions
--- a/tools/run-dev.py
+++ b/tools/run-dev.py
@ -319,6 +319,8 @@ class CombineHandler(BaseWebsocketHandler):
        # type: () -> None
        if 'X-REAL-IP' not in self.request.headers:
            self.request.headers['X-REAL-IP'] = self.request.remote_ip
+        if 'X-FORWARDED_PORT' not in self.request.headers:
+            self.request.headers['X-FORWARDED-PORT'] = str(proxy_port)
        if self.request.headers.get("Upgrade", "").lower() == 'websocket':
            return super().prepare()
        url = transform_url(
--- a/zproject/dev_settings.py
+++ b/zproject/dev_settings.py
@ -150,3 +150,10 @@ BILLING_ENABLED = True

 # Test Custom TOS template rendering
 TERMS_OF_SERVICE = 'corporate/terms.md'
+
+# Our run-dev.py proxy uses X-Forwarded-Port to communicate to Django
+# that the request is actually on port 9991, not port 9992 (the Django
+# server's own port); this setting tells Django to read that HTTP
+# header.  Important for SAML authentication in the development
+# environment.
+USE_X_FORWARDED_PORT = True