fix x-forwarded-prefix header consumption

   Now that I have experimented with X-Forwarded-Prefix and reverse
   proxies, this logic works correctly now!

4 files changed, 27 insertions, 7 deletions

diff --git a/NEWS b/NEWS
new file mode 100644
index 0000000..efc80e4
--- /dev/null
+++ b/NEWS
@@ -0,0 +1,3 @@
+fuss 0.0.2 - 2021-09-24
+* Use X-Forwarded-Prefix header correctly
+* Add nginx example
diff --git a/extra/fuss.conf.apache b/extra/fuss.conf.apache
index 661b708..d52c7ee 100644
--- a/extra/fuss.conf.apache
+++ b/extra/fuss.conf.apache
@@ -52,9 +52,10 @@
    ProxyPassReverse /fuss http://localhost:5003/
    <Location /fuss>
       # a2enmod headers. These are extra ones that are not provided by Apache natively.
-      RequestHeader append X-Forwarded-Prefix "/fuss"
       RequestHeader set X-Forwarded-Proto "https"
+      # This header is not required to be set manually. The ProxyPass orand Location directive already provide it!
+      #RequestHeader append X-Forwarded-Prefix "/fuss"
    </Location>
 
 </VirtualHost>
-# vim:set syntax=apache ts=3 sw=3 sts=3 sr noet:
+# vim:set syntax=apache ts=3 sw=3 sts=3 sr et:
diff --git a/extra/fuss.conf.nginx b/extra/fuss.conf.nginx
new file mode 100644
index 0000000..9607cf6
--- /dev/null
+++ b/extra/fuss.conf.nginx
@@ -0,0 +1,11 @@
+# Nginx example config for fuss application
+location /fuss/ {
+   proxy_redirect    off;
+   proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+   proxy_set_header  X-Real-IP $remote_addr;
+   proxy_set_header  X-Script-Name /albion;
+   proxy_set_header  Host $host;
+   proxy_set_header  X-Forwarded-Proto $scheme;
+   proxy_set_header  X-Forwarded-Prefix "/fuss";
+   proxy_pass  https://localhost:5003/;
+}
diff --git a/fuss.py b/fuss.py
index d3f915e..b67cbef 100644
--- a/fuss.py
+++ b/fuss.py
@@ -21,7 +21,7 @@ from flask_script import Manager, Server # python3-flask-script
 import magic # python3-magic, see below
 from hashlib import sha256
 from mimetypes import guess_extension
-import os, sys, time, json, base64
+import os, sys, time, json, base64, re
 from datetime import datetime, date
 from uwsgidecorators import * # python3-uwsgidecorators
 from logging.config import dictConfig
@@ -48,6 +48,9 @@ def trim_dict(a,max_length=40):
          b[i] = a[i]
    return b
 
+def normalize(instring):
+   return re.sub("//","/",instring)
+
 # load config file
 # Load it from the current directory, which is not FHS-compliant
 #conf_file = os.path.join(os.path.dirname(os.path.realpath(__file__)),"fuss.conf")
@@ -266,9 +269,10 @@ def print_files(path=None,format="text",header=False):
             _server = "http://" + request.headers["Host"]
          try:
             _prefix = request.headers["X-Forwarded-Prefix"]
+            #app.logger.warn("This is x-forwarded-prefix: {0}".format(request.headers["X-Forwarded-Prefix"])) # REMOVEME
             _temp = _prefix.replace(", ", "\n").split('\n')
-            if len(_temp) > 1:
-               _prefix = _temp[0]
+            _temp = normalize("/".join(_temp))
+            _prefix = _temp
          except:
             _prefix = "/"
             app.logger.warn("Failed to get x-forwarded-prefix")
@@ -453,9 +457,10 @@ def html_template(filename="",full=False):
          _server = "http://" + request.headers["Host"]
       try:
          _prefix = request.headers["X-Forwarded-Prefix"]
+         #app.logger.warn("This is x-forwarded-prefix: {0}".format(request.headers["X-Forwarded-Prefix"])) # REMOVEME
          _temp = _prefix.replace(", ", "\n").split('\n')
-         if len(_temp) > 1:
-            _prefix = _temp[0]
+         _temp = normalize("/".join(_temp))
+         _prefix = _temp
       except:
          _prefix = "/"
    if full: