✅ Correctly detect secured proxies

2025-08-07 20:10:08 +02:00 · 2022-04-12 20:43:57 +02:00
parent 1b8d6311ba
commit 2c0c0c5a11
7 changed files with 79 additions and 2 deletions
--- a/phpmon-tests/Parsers/NginxConfigurationTest.swift
+++ b/phpmon-tests/Parsers/NginxConfigurationTest.swift
@ -22,6 +22,10 @@ class NginxConfigurationTest: XCTestCase {
        return Bundle(for: Self.self).url(forResource: "nginx-proxy", withExtension: "test")!
    }
    
+    static var secureProxyUrl: URL {
+        return Bundle(for: Self.self).url(forResource: "nginx-secure-proxy", withExtension: "test")!
+    }
+    
    func testCanDetermineSiteNameAndTld() throws {
        XCTAssertEqual(
            "nginx-site",
@ -54,4 +58,10 @@ class NginxConfigurationTest: XCTestCase {
        XCTAssertEqual(nil, normal.proxy)
    }
    
+    func testCanDetermineSecuredProxy() throws {
+        let proxied = NginxConfiguration(filePath: NginxConfigurationTest.secureProxyUrl.path)
+        XCTAssertTrue(proxied.contents.contains("# valet stub: secure.proxy.valet.conf"))
+        XCTAssertEqual("http://127.0.0.1:90", proxied.proxy)
+    }
+    
 }
--- a/Files/nginx/nginx-secure-proxy.test
+++ b/Files/nginx/nginx-secure-proxy.test
@ -0,0 +1,57 @@
+# valet stub: secure.proxy.valet.conf
+
+server {
+    listen 127.0.0.1:80;
+    #listen 127.0.0.1:80; # valet loopback
+    server_name my-proxy.test www.my-proxy.test *.my-proxy.test;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 127.0.0.1:443 ssl http2;
+    #listen 127.0.0.1:443 ssl http2; # valet loopback
+    server_name my-proxy.test www.my-proxy.test *.my-proxy.test;
+    root /;
+    charset utf-8;
+    client_max_body_size 128M;
+    http2_push_preload on;
+
+    location /41c270e4-5535-4daa-b23e-c269744c2f45/ {
+        internal;
+        alias /;
+        try_files $uri $uri/;
+    }
+
+    ssl_certificate "/Users/nicoverbruggen/.config/valet/Certificates/my-proxy.test.crt";
+    ssl_certificate_key "/Users/nicoverbruggen/.config/valet/Certificates/my-proxy.test.key";
+
+    access_log off;
+    error_log "/Users/nicoverbruggen/.config/valet/Log/my-proxy.test-error.log";
+
+    error_page 404 "/Users/nicoverbruggen/.composer/vendor/laravel/valet/server.php";
+
+    location / {
+        proxy_pass http://127.0.0.1:90;
+        proxy_set_header   Host              $host;
+        proxy_set_header   X-Real-IP         $remote_addr;
+        proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+        proxy_set_header   X-Client-Verify   SUCCESS;
+        proxy_set_header   X-Client-DN       $ssl_client_s_dn;
+        proxy_set_header   X-SSL-Subject     $ssl_client_s_dn;
+        proxy_set_header   X-SSL-Issuer      $ssl_client_i_dn;
+        proxy_set_header   X-NginX-Proxy true;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection "upgrade";
+        proxy_http_version 1.1;
+        proxy_read_timeout 1800;
+        proxy_connect_timeout 1800;
+        chunked_transfer_encoding on;
+        proxy_redirect off;
+        proxy_buffering off;
+    }
+
+    location ~ /\.ht {
+        deny all;
+    }
+}