I have Confluence set up behind a reverse proxy.
I redirect https://skowron.it/zbyl to http://localhost/zbyl
What I have done:
It mostly works.
However I get this message on each Confluence page I visit:
"Confluence's base URL is set to https://skowron.it/zbyl but you are accessing Confluence from https://skowron.itundefined."
I have managed to debug it to a point, where AJS.contextPath() function returns undefined.
As a result some features of Confluence don't work, because the browser sends requests to bad addresses, such as: "undefined/rest/webResources/1.0/resources" or "undefined/rest/analytics/1.0/publish/bulk".
Oddly enough when I view HTML source of the generated pages. there are 3 places with "context-path", and they all have valid value: "/zbyl".
And yet AJS.contextPath() returns undefined.
For completeness those 3 places are as follows:
<meta id="confluence-context-path" name="confluence-context-path" content="/zbyl">
<meta id="confluence-base-url" name="confluence-base-url" content="https://skowron.it/zbyl">
<meta name="ajs-context-path" content="/zbyl">
<meta name="ajs-base-url" content="https://skowron.it/zbyl">
WRM._unparsedData["com.atlassian.plugins.atlassian-plugins-webresource-plugin:context-path.context-path"]="\u0022\u005C/zbyl\u0022";
I cannot find any workaround or solution for this problem.
There is however one post with similar symptoms (same broken links) here:
https://community.atlassian.com/t5/Confluence-questions/Collaborative-editing-doesn-t-work-with-NGINX-reverse-proxy/qaq-p/594986
Hi Zbigniew,
It sounds like the context path is set up correctly in Confluence, based on How to change the Confluence context path.
Since you used proxyPort 443, it sounds like you are terminating SSL at the proxy. Please compare your NGINX configuration to this one, from: Running Confluence behind NGINX with SSL
server {
listen www.example.com:80;
server_name www.example.com;
listen 443 default ssl;
ssl_certificate /usr/local/etc/nginx/ssl/nginx.crt;
ssl_certificate_key /usr/local/etc/nginx/ssl/nginx.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location /confluence {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8090/confluence;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
Hello,
Thanks for your reply.
It turned out that the reverse proxy was additionally set up to alter "Content-Security-Policy" and "Strict-Transport-Security" HTTP headers.
After removing settings related to that it all works fine.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.