id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
33293	Wrong redirect behind reverse proxy	Rodolphe	nobody	"I am running a small django app with django admin.
In fact, I only use django admin to edit a few models.

It works fine in local and behind a simple reverse proxy (without path change), but now I have this rewrite rule that changes the path: (it's a nginx ingress rewrite rule for Kubernetes)

path: /diagnosis-admin(/|$)(.*) => $2

Wich means, urls such as mydomain.com/diagnosis-admin redirect to localhost/ (mind the path change).

When I try to access the admin at mydomain.com/diagnosis-admin/admin, django tries to redirect to mydomain.com/admin/, which leads nowhere because it falls on the proxy:

{{{

        Request URL:
        https://mydomain.com/diagnosis-admin/admin
        Request Method:
        GET
        Status Code:
        301
        Remote Address:
        138.21.17.33:3128
        Referrer Policy:
        strict-origin-when-cross-origin
    Response Headers
        content-length:
        0
        content-type:
        text/html; charset=utf-8
        date:
        Tue, 19 Oct 2021 15:11:42 GMT
        location:
        /admin/
        script_name:
        /diagnosis-admin
        strict-transport-security:
        max-age=15724800; includeSubDomains
        x-content-type-options:
        nosniff
}}}

as you can see, django sends a ""location: /admin/"" redirect in the response which causes the error


I had this problem with other applicative frameworks but could solve it since they can interpret the FORWARDED_HOST, FORWARDED_PORT and FORWARDED_PATH headers provided by the proxy.



Additionnal information:
I run django with ""python manage.py runserver 0.0.0.0:8000"" on a docker container (running through GKE)

Everything is pretty standard, I ran the basic django project scafolding, setup the database, auto migrated the models and that's about it. I can provide additionnal files if needed


Additionnal information:
requirements.txt
{{{
requirements.txt:
asgiref==3.2.6
Django==3.0.4
psycopg2==2.8.4
pytz==2019.3
sqlparse==0.3.1
}}}


Dockerfile:
{{{
FROM python:3.6.10-alpine

COPY requirements.txt ./
RUN apk add --no-cache --virtual .build-deps \
    ca-certificates gcc postgresql-dev linux-headers musl-dev \
    libffi-dev jpeg-dev zlib-dev \
    && pip install -r requirements.txt
ENV PYTHONUNBUFFERED 1
RUN pip install -r requirements.txt
COPY . .
EXPOSE 8000
ENTRYPOINT [""python"", ""manage.py""]
CMD [""runserver"", ""0.0.0.0:8000""]

}}}
"	Uncategorized	closed	contrib.admin	3.0	Normal	invalid			Unreviewed	0	0	0	0	0	0