Redirect failed(to the localhost domain)

request the index page, the server determines if the client is logged in. If not, redirects to the login page(I want is mydomain/login ).but I receive the redirection is localhost\login

I queried some of caddy documents but didn’t find a solution

part of python code

@app.route('/')
def index():
    if session.get('username'):
        return render_template('index.html')
    else:
        return redirect(url_for('login'))

my caddy configuration

domain {
    tls myemail
    gzip
    timeouts none
    proxy / localhost:5000

}

curl output

# curl -i https://mydomain
HTTP/2 302
content-type: text/html; charset=utf-8
date: Tue, 21 May 2019 14:11:54 GMT
location: http://localhost:5000/login
server: Caddy
server: Werkzeug/0.15.2 Python/3.6.7
content-length: 217

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>Redirecting...</title>
<h1>Redirecting...</h1>
<p>You should be redirected automatically to target URL: <a href="/login">/login</a>.  If not click the link.

what should I do ?

Hi @SmileJack, welcome to the Caddy community.

Without knowing exactly how your app works, I’m not sure exactly what you need to do to fix it.

Ideally, your app should not include the hostname in the Location header at all, unless it needs to redirect away from itself. Doing so is very proxy-hostile behaviour.

Failing that, the app would ideally take a cue from the proxy to inform what hostname it should use in the Location header. Conventionally, this is retrieved from the Host header. You can use the transparent preset to have Caddy forward the client-requested Host header (and some other useful proxy information besides).

Finally, as a last resort, there is some as yet undocumented functionality in the proxy directive that will allow you to rewrite a proxied header with regex, available in the latest versions of Caddy. That functionality is described here: https://github.com/mholt/caddy/pull/2144

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.