You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If a site is proxied through ClaudFlare using the "Flexible" mode (Encrypts traffic between the browser and Cloudflare), we will always get the error: "Insecure use of middleware over HTTP denied by configuration.".
I tried to inherit your class and fix it to get around this limitation, but your class is declared as "final".
Why is that done?
PS: It is not possible to use the "Full" proxy mode in a CloudFlare, then you will need to set the slide certificate to nginx for each domain. This is a lot of manual work, which is difficult to automate (certificates are issued in the dashboard, most likely they can be issued through the API, but it's not such a task to spend a lot of time on integration with it).
The text was updated successfully, but these errors were encountered:
If a site is proxied through ClaudFlare using the "Flexible" mode (Encrypts traffic between the browser and Cloudflare), we will always get the error: "Insecure use of middleware over HTTP denied by configuration.".
That's because you incorrectly define the use of the HTTPS protocol in the following lines: https://github.com/tuupola/slim-basic-auth/blob/3.2.1/src/HttpBasicAuthentication.php#L107-L111
When using proxying through cloud providers (CloudFlare), you should use the following code: https://gist.github.com/saippuakauppias/f1082a32f5797755b69b043d4852eda2
I tried to inherit your class and fix it to get around this limitation, but your class is declared as "final".
Why is that done?
PS: It is not possible to use the "Full" proxy mode in a CloudFlare, then you will need to set the slide certificate to nginx for each domain. This is a lot of manual work, which is difficult to automate (certificates are issued in the dashboard, most likely they can be issued through the API, but it's not such a task to spend a lot of time on integration with it).
The text was updated successfully, but these errors were encountered: