opensocial osapi endpoint url protocol and https reverse proxy

When running Nuxeo 5.6 behind an https reverse proxy, the generated opensocial container osapi endpoint URLs (opensocial/social/rpc, opensocial/gadgets/api/rpc) do not appear to be generated with the correct https protocol. As a result, I see HTTP Error 500 entries in the log. Should I open a JIRA for this?

0 votes

2 answers



Did you play with the nuxeo.loopback.url or nuxeo.url parameters into your nuxeo.conf ?

See here :

0 votes

I believe the code generating these two specific opensocial urls does not use the nuxeo.loopback.url setting.

In, there are numerous uris/urls defined that are not BaseUris/BaseUrls. Most of these uris/urls contain references to %host% and some to %protocol%, both of which might be problematic in a reverse proxy scenario. Do you agree?

The specific issue with the two above urls may result from the fact that they have hard-coded "http" protocol references instead of %protocol%. In my scenario, if they referenced %protocol%, they might be able to loopback thru the reverse proxy and resolve although this does not seem desirable.

The fix for seems quite relevant here. Should I open a Nuxeo JIRA to implement a similar fix in 5.6 by replacing http://%host%/ with //%host%/?


Yes, please create a ticket and add an answer with link to the ticket. Thanks for your feedback.

See bug NXP-12054

0 votes