GitHub user masbayuw reopened a discussion: Issue: Double HTTPS in Redirect URL After Editing User/Role in Superset
### Bug description I am trying to set up Apache Superset behind a reverse proxy with the following flow: Internet → Cloudflare → Nginx Reverse Proxy (172.19.30.29) → Nginx on 172.19.31.179 → Superset (8088) gunicorn However, I am encountering issues where Superset does not function correctly. Some possible symptoms: I am encountering an issue where, after editing a user or role in Superset, the page redirects to an invalid URL with double https://. For example, after clicking Save, the browser is redirected to: [https://https//drp-tsel.digipop.ai/users/list/ ](url) instead of [https://drp-tsel.digipop.ai/users/list/ ](url) Setup Details Nginx Config on 172.19.31.179 (App Server) ``` > server { > listen 80; > server_name drp-tsel.digipop.ai; > access_log /var/log/nginx/superset_access.log; > error_log /var/log/nginx/superset_error.log; > location / { > proxy_pass http://172.19.31.179:8088; > proxy_set_header Host $host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > proxy_set_header X-Forwarded-Proto https; > proxy_set_header X-Forwarded-Host $host; > } > } ``` Nginx Config on Reverse Proxy Server (Cloudflare Proxy) ``` > server { > listen 80; > server_name drp-tsel.digipop.ai; > > access_log /var/log/nginx/superset_access.log; > error_log /var/log/nginx/superset_error.log; > > location / { > proxy_pass http://172.19.31.179:8088; > > proxy_set_header Host drp-tsel.digipop.ai; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; > proxy_set_header X-Forwarded-Proto https; > proxy_set_header X-Forwarded-Host drp-tsel.digipop.ai; > proxy_set_header Referer $http_referer; > proxy_set_header Origin $http_origin; > > proxy_redirect http://172.19.31.179:8088/ > https://drp-tsel.digipop.ai/; > > proxy_connect_timeout 300; > proxy_send_timeout 300; > proxy_read_timeout 300; > send_timeout 300; > } > > location ~ /\.ht { > deny all; > } > > location /logs/ { > deny all; > } > } > ``` Superset Config (superset_config.py) ``` > import os > > APP_NAME = "Digipop Research Platform" > > SECRET_KEY = os.getenv("SUPERSET_SECRET_KEY", > "XuWH37zuM5nLjAufICU0V+/ec52FYSY7j5+YtajcqqpF1kmgQQY9ODa4") > > SQLALCHEMY_DATABASE_URI = > "postgresql://xxxxxxxxx:xxxxxxxxxxx@localhost/superset_db" > > SUPERSET_WEBSERVER_BASEURL = "https://drp-tsel.digipop.ai"; > WEBSERVER_BASEURL = "https://drp-tsel.digipop.ai"; > SUPERSET_WEBSERVER_DOMAINS = ["drp-tsel.digipop.ai"] > > ENABLE_PROXY_FIX = True > PREFERRED_URL_SCHEME = "https" > > HTTP_HEADERS = { > "X-Forwarded-Proto": "https", > "X-Forwarded-For": "$proxy_add_x_forwarded_for", > "X-Forwarded-Host": "drp-tsel.digipop.ai", > "Host": "drp-tsel.digipop.ai", > } > > SUPERSET_FEATURE_FLAGS = { > "ENABLE_REACT_CRUD_VIEWS": True, > "ENABLE_FASTER_SQLLAB_BACKEND_PERSISTENCE": True, > } > > WTF_CSRF_ENABLED = False > WTF_CSRF_EXEMPT_LIST = [] > WTF_CSRF_HEADERS = ["X-CSRFToken", "X-Requested-With"] > > SESSION_COOKIE_SECURE = True > SESSION_COOKIE_HTTPONLY = True > SESSION_COOKIE_SAMESITE = "Lax" > > TALISMAN_ENABLED = False > CONTENT_SECURITY_POLICY_WARNING = False > > WEBDRIVER_BASEURL = "https://drp-tsel.digipop.ai"; > EMAIL_REPORTS_WEBDRIVER_BASEURL = "https://drp-tsel.digipop.ai"; > > ENABLE_CORS = True > CORS_OPTIONS = { > "supports_credentials": True, > "allow_headers": ["*"], > "resources": ["/*"], > "origins": ["https://drp-tsel.digipop.ai";], > } > ``` Troubleshooting Done So Far 1. Checked Nginx logs: No critical errors found. 2. Tested direct access to Superset via http://172.19.31.179:8088: Works fine. Questions 1. Is there anything missing in my Nginx configuration that might be causing Superset to redirect to the internal IP instead of the public domain? 2. Are there any additional settings I need in superset_config.py to properly support reverse proxy setups? 3. Does Superset require any additional headers or environment variables when running behind Cloudflare? 4. Any help would be greatly appreciated! Thanks. 5. Is there an issue with SUPERSET_WEBSERVER_BASEURL that could be causing this double https:// behavior? 6. Are there any known bugs related to redirects behind a reverse proxy in Superset? The following is attached screen recording to better understand the problems I experienced [https://www.awesomescreenshot.com/video/37776039?key=fdf8292d183bea51f914a12d423a2687](url) ### Screenshots/recordings _No response_ ### Superset version 4.1.1 ### Python version 3.10 ### Node version 16 ### Browser Chrome ### Additional context _No response_ ### Checklist - [x] I have searched Superset docs and Slack and didn't find a solution to my problem. - [x] I have searched the GitHub issue tracker and didn't find a similar bug report. - [x] I have checked Superset's logs for errors and if I found a relevant Python stacktrace, I included it here as text in the "additional context" section. GitHub link: https://github.com/apache/superset/discussions/32757 ---- This is an automatically sent email for [email protected]. To unsubscribe, please send an email to: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
