Apache reverse proxy - ProxyPassReverseCookieDomain not seeming to work

apache-2.4 proxy cookie
11,720

The ProxyPassReverseCookieDomain directive has syntax:

ProxyPassReverseCookieDomain internal-domain public-domain [interpolate]

Just like in this example for ProxyPassReverse, the order is reversed (back-end first):

ProxyPass         "/mirror/foo/" "http://backend.example.com/"
ProxyPassReverse  "/mirror/foo/" "http://backend.example.com/"
ProxyPassReverseCookieDomain  "backend.example.com"  "public.example.com"
ProxyPassReverseCookiePath  "/"  "/mirror/foo"
Share:
11,720

Related videos on Youtube

mminnie
Author by

mminnie

Updated on September 18, 2022

Comments

  • mminnie
    mminnie over 1 year

    I can't seem to get the Apache directive ProxyPassReverseCookieDomain to actually rewrite the domain.

    My directive is set as such:

    ProxyPassReverseCookieDomain "myinternalproxydomain.com" "thepublicdomain.com"

    I use the Network tab in a browser and I can see the Set-Cookie domain is not being altered. I see the Set-Cookie domain as either thepublicdomain.com or .thepublicdomain.com. I have tried adding

    ProxyPassReverseCookieDomain "myinternalproxydomain.com" ".thepublicdomain.com"

    I have searched and read the documentation, however I am failing to see why the domain of the cookie is not being set.

    <VirtualHost *:443>
DocumentRoot /var/www/myinternalproxydomain.com
ServerName myinternalproxydomain.com

SSLEngine on
SSLCertificateFile /etc/ssl/certs/my.crt
SSLCertificateKeyFile /etc/ssl/private/my.key
SSLCACertificateFile /etc/ssl/certs/my.ca-bundle

SSLProxyEngine On
ProxyRequests Off
ProxyHTMLEnable On
ProxyPreserveHost Off
ProxyHTMLInterp On
ProxyHTMLExtended On
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyPass "/" "https://thepublicdomain.com/"
ProxyPassReverse / https://thepublicdomain.com/
ProxyPassReverseCookiePath / /
ProxyPassReverseCookieDomain "myinternalproxydomain.com" "thepublicdomain.com"
ProxyPassReverseCookieDomain "myinternalproxydomain.com" "thepublicdomain.com"
ProxyPassReverseCookieDomain "myinternalproxydomain.com" ".thepublicdomain.com"

DirectorySlash On
ProxyHTMLURLMap "https://thepublicdomain.com" "/"
<Proxy *>
    AddDefaultCharset off
    Order deny,allow
    Deny from all
    Allow from all
    DirectorySlash On
</Proxy>
<Location />
    ProxyHTMLEnable On
    ProxyPassReverse "/"
    ProxyPassReverseCookieDomain "myinternalproxydomain.com" "thepublicdomain.com"
    ProxyPassReverseCookieDomain "myinternalproxydomain.com" ".thepublicdomain.com"
    ProxyHTMLURLMap https://thepublicdomain.com /
    RequestHeader unset Accept-Encoding
</Location>
<Directory "/var/www/myinternalproxydomain.com">
    AllowOverride All
    Order allow,deny
    allow from all
    Options FollowSymLinks
</Directory>
</VirtualHost>

    Can anyone enlighten me on where I should look to debug this issue?

  • mminnie
    mminnie almost 6 years
    My example server domains maybe weren't clear in my question (now edited). I have the correct order of the ProxyPassReverseCookieDomain.
  • Esa Jokinen
    Esa Jokinen almost 6 years
    Could you share the whole VirtualHost block, please.
  • mminnie
    mminnie almost 6 years
    Edited original question to include entire VirtualHost block
  • Esa Jokinen
    Esa Jokinen almost 6 years
    Now read my answer again. You currently have the backend last while it should be first.
  • Esa Jokinen
    Esa Jokinen almost 6 years
    Also, remove all the noise. You set same directives multiple times. That way you'll never know what did what.
  • mminnie
    mminnie almost 6 years
    I believe the backend myinternalproxydomain.com is first. I renamed the servers in my example to be more clear. I look at the Network tab in Google Chrome DevTools and see the domain is unchanged for the SetCookie
  • Esa Jokinen
    Esa Jokinen almost 6 years
    Rename it as many times as you want, but if it comes second in ProxyPass it should be first in ProxyPassReverseCookieDomain. Have you even once tested with my solution?
  • mminnie
    mminnie almost 6 years
    Thanks for the help Esa. The order didn't change the cookie until I cleaned up and remove the "noise". Once I removed the unnecessary duplicate directives the ProxyPassReverseCookieDomain began to work...on at least one of the two cookies. One cookie has the domain .public.com and the other has public.com. The one with the leading . changed and the other did not. My proxy now appears to work regardless of the domain of the unchanged cookie. Thanks for the patience.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

One single balancer-manager page for multiple virtual hosts
502 from Apache over HTTPS with reverse proxy to Node server on different port
502 proxy error apache reverse proxy
401 Unauthorized error when using Apache 2.4
Carrying cookies across redirects when using Apache as a reverse proxy
Apache 2.4 Proxy for External, Redirect for Internal
Is it possible to replace content on every page passed through a proxy similar to how mod_rewrite is used for URLs?
Inspect WebSocket packages with Charles proxy in Flutter app
Pulling dependencies from an internal repository via pubspec.yaml
How to fix the proxy setup issue with flutter?