Re: Bad Cookies with reverse proxy

Hi,

If you are using latest version then could you please try setting ENHANCED_COOKIE_PROTECTION = False in your config_local.py file?

We have recently added this config parameter for similar kind of issue. 

Ref: https://redmine.postgresql.org/issues/4566

--

Regards,

Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

On Wed, Sep 4, 2019 at 4:33 PM Albert Serrallé <albert.serralle@adevinta.com> wrote:

Hello,

I've been trying to setup a pgadmin on Kubernetes behind an nginx ingress that handles the TLS termination. I cannot modify the configuration of that ingress, so I've deployed an additional nginx to handle the reverse proxy config for pgadmin:

nginx ingress (tls termination) -> nginx -> pgadmin

The config of my reverse proxy is:

upstream http_backend {

server localhost:8080;

keepalive 16;

}

server {

listen 5050;

server_name _;

location / {

proxy_set_header X-Scheme https;

proxy_set_header X-Forwarded-Proto https;

proxy_set_header X-Forwarded-Port 443;

proxy_set_header X-Original-Forwarded-For "";

proxy_set_header Host $host;

proxy_pass http://http_backend/;

proxy_redirect off;

proxy_http_version 1.1;

proxy_set_header Connection "";

}

}

It works, all the Location headers are good, the problem is that the returned Cookies are not valid. If I curl the root of the server, and then save the returned cookie and use it again on a subsequent request, a new cookie is issued instead of keepking the previous one (so I guess the server doesn't like it).

The outcome is that in a browser there's an infinite loop of redirects, trying to get a good cookie with no success.

I've been looking this thread: https://www.postgresql.org/message-id/flat/5d14f954.1c69fb81.e188f.9c5b%40mx.google.com but the config used by them is already in my config, my redirects are good, but the cookies still are bad.

I was thinking: what can make a pgadmin server discard a cooke?

Thanks.