From 4ecf4a26bad8f391cd8f15046bcdaa0fee98d2f1 Mon Sep 17 00:00:00 2001
From: Jakob Ackermann
Date: Thu, 14 Aug 2025 11:36:49 +0200
Subject: [PATCH] [server-pro] trust local nginx proxy running inside Server Pro/CE (#27719)
GitOrigin-RevId: ed9bb136effb1602aa0239b107c116fd6385ebbc
---
 server-ce/config/settings.js | 23 +++++++++++++++----
 .../real-time/config/settings.defaults.js | 4 ++--
 services/web/config/settings.defaults.js | 3 ++-
 3 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/server-ce/config/settings.js b/server-ce/config/settings.js
index 3b2bf91ab3..5cd7f79d60 100644
--- a/server-ce/config/settings.js
+++ b/server-ce/config/settings.js
@@ -184,9 +184,12 @@ const settings = {
 siteUrl: (siteUrl = process.env.OVERLEAF_SITE_URL || 'http://localhost'),
 // Status page URL as displayed on the maintenance/500 pages.
- statusPageUrl: process.env.OVERLEAF_STATUS_PAGE_URL ?
- // Add https:// protocol prefix if not set (Allow plain-text http:// for Server Pro/CE).
- (process.env.OVERLEAF_STATUS_PAGE_URL.startsWith('http://') || process.env.OVERLEAF_STATUS_PAGE_URL.startsWith('https://')) ? process.env.OVERLEAF_STATUS_PAGE_URL : `https://${process.env.OVERLEAF_STATUS_PAGE_URL}`
+ statusPageUrl: process.env.OVERLEAF_STATUS_PAGE_URL
+ ? // Add https:// protocol prefix if not set (Allow plain-text http:// for Server Pro/CE).
+ process.env.OVERLEAF_STATUS_PAGE_URL.startsWith('http://') ||
+ process.env.OVERLEAF_STATUS_PAGE_URL.startsWith('https://')
+ ? process.env.OVERLEAF_STATUS_PAGE_URL
+ : `https://${process.env.OVERLEAF_STATUS_PAGE_URL}`
 : undefined,
 maintenanceMessage: process.env.OVERLEAF_MAINTENANCE_MESSAGE,
 maintenanceMessageHTML: process.env.OVERLEAF_MAINTENANCE_MESSAGE_HTML,
@@ -244,8 +247,8 @@ const settings = {
 // then set this to true to allow it to correctly detect the forwarded IP
 // address and http/https protocol information.
- behindProxy: process.env.OVERLEAF_BEHIND_PROXY || false,
- trustedProxyIps: process.env.OVERLEAF_TRUSTED_PROXY_IPS,
+ behindProxy: true,
+ trustedProxyIps: process.env.OVERLEAF_TRUSTED_PROXY_IPS || 'loopback',
 // The amount of time, in milliseconds, until the (rolling) cookie session expires
 cookieSessionLength: parseInt(
@@ -480,6 +483,16 @@ switch (process.env.OVERLEAF_FILESTORE_BACKEND) {
 }
 }
+if (
+ !settings.trustedProxyIps.includes('loopback') &&
+ !settings.trustedProxyIps.includes('localhost') &&
+ !settings.trustedProxyIps.includes('127.0.0.1')
+) {
+ throw new Error(
+ 'OVERLEAF_TRUSTED_PROXY_IPS must include one of "loopback", "localhost" or "127.0.0.1", which trusts the nginx instance running inside the container'
+ )
+}
 // With lots of incoming and outgoing HTTP connections to different services,
 // sometimes long running, it is a good idea to increase the default number
 // of sockets that Node will hold open.
diff --git a/services/real-time/config/settings.defaults.js b/services/real-time/config/settings.defaults.js
index 57b0a50a42..94f4bb8fe1 100644
--- a/services/real-time/config/settings.defaults.js
+++ b/services/real-time/config/settings.defaults.js
@@ -170,8 +170,8 @@ const settings = {
 shutdownOnUncaughtError: true,
 },
- behindProxy: process.env.BEHIND_PROXY === 'true',
- trustedProxyIps: process.env.TRUSTED_PROXY_IPS,
+ behindProxy: true,
+ trustedProxyIps: process.env.TRUSTED_PROXY_IPS || 'loopback',
 keepAliveTimeoutMs: parseInt(process.env.KEEPALIVE_TIMEOUT_MS ?? '5000', 10),
 allowedCorsOrigins: process.env.REAL_TIME_ALLOWED_CORS_ORIGINS,
 }
diff --git a/services/web/config/settings.defaults.js b/services/web/config/settings.defaults.js
index 3906ead8a0..701df97244 100644
--- a/services/web/config/settings.defaults.js
+++ b/services/web/config/settings.defaults.js
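Review bot: The two context comment lines kept above `behindProxy: true` still tell operators to "set this to true", but the new line hard-codes it and the `OVERLEAF_BEHIND_PROXY` variable read on the removed line is now silently ignored, so a deployment that exports it gets neither an effect nor a warning. The same stale comment and dropped `BEHIND_PROXY` read appear in the real-time hunk (`@@ -170,8 +170,8 @@`) and the web hunk (`@@ -661,7 +661,8 @@`). I would replace the comment with `// Always on: the nginx instance inside the container fronts every request. A proxy running outside the container must be listed in OVERLEAF_TRUSTED_PROXY_IPS (default 'loopback'), otherwise its forwarded client IP and http/https scheme will presumably not be honoured.` It is also worth a one-line note that `||` turns an explicitly empty `OVERLEAF_TRUSTED_PROXY_IPS` into `'loopback'`, in case someone expects an empty value to mean "trust nothing".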
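Review bot: The new guard tests `settings.trustedProxyIps` with substring `includes`, so a value such as `127.0.0.100` or a hostname that merely contains `localhost` satisfies it without the container-local proxy actually being trusted, while the intent stated in the error message is that one of the three entries is present. Splitting the comma-separated list and comparing entries exactly closes that gap: `const trustedProxyEntries = String(settings.trustedProxyIps).split(',').map(e => e.trim())` followed by `if (!['loopback', 'localhost', '127.0.0.1'].some(v => trustedProxyEntries.includes(v))) {`. I cannot confirm from this diff that the downstream trust-proxy parser accepts the literal `'localhost'` (as opposed to `'loopback'` or an IP/CIDR); if it does not, that value would pass this check and still not trust the local nginx, which is worth verifying before listing it in the message.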
@@ -661,7 +661,8 @@ module.exports = {
 // If you are running Overleaf behind a proxy (like Apache, Nginx, etc)
 // then set this to true to allow it to correctly detect the forwarded IP
 // address and http/https protocol information.
- behindProxy: false,
+ behindProxy: true,
+ trustedProxyIps: process.env.TRUSTED_PROXY_IPS || 'loopback',
 // Delay before closing the http server upon receiving a SIGTERM process signal.
 gracefulShutdownDelayInMs: