[x] I’m using docker compose setup, with modifications (modified .yml files, third party plugins/themes, etc.) - if so, describe your modifications in your post. Before reporting, see if your issue can be reproduced on the unmodified setup.
[ ] I’m not using docker on my primary instance, but my issue can be reproduced on the aforementioned docker setup and/or official demo.
This post is not about feeds served on non-standard ports, I swear
I have setup TTRSS_SELF_URL_PATH: "https://ttrss.mydomain:8000/tt-rss/".
All works well, except after logging in when TT-RSS redirects me to https://ttrss.mydomain/tt-rss/.
After logging in, I need to add the port to the URL and it works. I guess this is a typo somewhere in the source code?
Note that the mobile app on Tiny Tiny RSS - F-Droid repository works without issues despite this.
Here are the X headers I pass to TT-RSS from a LAN IP
X-Forwarded-For: 172.16.10.6
X-Forwarded-Host: ttrss.mydomain:8000
X-Forwarded-Method: GET
X-Forwarded-Port: 8000
X-Forwarded-Proto: https
X-Forwarded-Ssl: on
X-Forwarded-Uri: /tt-rss/
X-Real-Ip: 172.16.10.6
X-Remote-Addr: 172.16.10.6
X-Ssl: on
Technical information:
Tiny Tiny RSS version (including git commit id):
v23.03-0f9488ace
Platform (i.e. Linux distro, Docker, PHP, PostgreSQL, etc) versions:
Debian 11 (bullseye), Docker 23.0.1, PHP Version 8.1.16, PostgreSQL 14
Without OTP all I needed to do was make sure (my frontend) nginx was passing the port back as part of Host and update TTRSS_SELF_URL_PATH.
With OTP enabled, after providing the OTP and submitting I noticed a 302 redirect to /tt-rss, followed by 301 redirect /tt-rss/. Looks like Auth_Internal::authenticate() (when OTP is enabled and the form needs displaying) is double-encoding $return and causing Handler_Public::login() to always redirect to Config::get_self_url() (which strips any trailing slashes, i.e. $SITE/tt-rss).
I can’t reproduce the issue with my setup, but maybe this would work (although maybe not with just blindly adding a slash-- didn’t dig into all scenarios):
i finally had some time to poke at this but naturally i had to fork fucking bitwarden extension first because it decided to warn me about plain HTTP with no way to disable it.
anyway, thanks to @wn_name noticing double-urlencode, i managed to make a much cleaner diff: