-
Notifications
You must be signed in to change notification settings - Fork 65
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"final class" and CloudFlare proxification error #92
Comments
Since Cloudflare is anyway accessing the API insecurely over http you could also just set.
There is practically no difference between this and trusting an arbitrary header. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If a site is proxied through ClaudFlare using the "Flexible" mode (Encrypts traffic between the browser and Cloudflare), we will always get the error: "Insecure use of middleware over HTTP denied by configuration.".
That's because you incorrectly define the use of the HTTPS protocol in the following lines: https://github.com/tuupola/slim-basic-auth/blob/3.2.1/src/HttpBasicAuthentication.php#L107-L111
When using proxying through cloud providers (CloudFlare), you should use the following code: https://gist.github.com/saippuakauppias/f1082a32f5797755b69b043d4852eda2
I tried to inherit your class and fix it to get around this limitation, but your class is declared as "final".
Why is that done?
PS: It is not possible to use the "Full" proxy mode in a CloudFlare, then you will need to set the slide certificate to nginx for each domain. This is a lot of manual work, which is difficult to automate (certificates are issued in the dashboard, most likely they can be issued through the API, but it's not such a task to spend a lot of time on integration with it).
The text was updated successfully, but these errors were encountered: