Redirect to 127.0.0.1 Using Boringproxy with Nextcloud, DokuWiki, Collabora Online, Revive Adserver, and Others

So far boringproxy has been a wonderful solution for me, but I continually have errors with redirects to 127.0.0.1
With Nextcloud (docker) I solved it using the OVERWRITEHOST environment variable, but I haven’t found equivalent options for other services.
For example, today I set up Collabora Online using docker for nextcloud, but accessing a document produces this error:

Content Security Policy: The page’s settings blocked the loading of a resource at https://127.0.0.1:9980/browser/bacb4ed/cool.html?WOPISrc=https%3A%2F%2Fnextcloud.example.com%2Findex.php%2Fapps%2Frichdocuments%2Fwopi%2Ffiles%2F304_oc3h2gxy8mbl&title=test.odt&lang=en&closebutton=1&revisionhistory=1 (“form-action”).

Another example is DokuWiki. Upon saving a file or logging in, the browser recieves a 302 FOUND error and redirects to 127.0.0.1:

I noticed some other users experienced similar errors such as
github boringproxy issue #8
Also, a statement was made on github boringproxy issue #43 saying

Unfortunately there isn’t much boringproxy can do in these situations. Each individual server software has to be configured to run behind a reverse proxy. It might be easier to first get your setup working with Caddy or nginx, then try boringproxy, because it’s far less likely that those programs have bugs.

Other reverse proxies, such as Apache and Nginx, have many advanced configuration options such as the ones needed for collabora online editor which use proxy_set_header Host $http_host; to ensure this error doesn’t occur.

Is there any way boringproxy could be configured to do the same thing? I noticed here that boringproxy uses the X-Forwarded-For header, perhaps the Host header could be set as well?

One more question:
Apache’s Guacamole requires flushpackets=on, is there a similar configuration option for boringproxy?

Hi,

Did you try to add your tunnel with “Client RAW TLS” as selected?

It probably will need so time to propagate after changing. Any wipe of your session/browser cache will help, I suggest

1 Like

Thank you for your quick response.
Client Raw TLS seems to work for DokuWiki with one exception: each time the redirect to 127.0.0.1 would occur with server HTTPS it instead redirects to http://wiki.example.com which annoys the web browser, but should work fine.
With Nextcloud however I am receiving the following error:
2022/08/22 16:16:01 readfrom tcp 127.0.0.1:55122->127.0.0.1:1443: tls: first record does not look like a TLS handshake
And a similar issue with Apache
2022/08/22 16:31:36 readfrom tcp 127.0.0.1:41238->127.0.0.1:8444: tls: first record does not look like a TLS handshake
Collabora Online is giving PR_END_OF_FILE_ERROR

For anyone who found this in the search results:
The main conversation has been moved to this GitHub issue