Configure nginx to workaround header issue in nopCommerce

Question

I have an Ubuntu VM running docker, with nopCommerce 4.30 and nginx. I wanted to add an authentication plugin, but I found out that there is a known issue https://github.com/nopSolutions/nopCommerce/issues/5584 that prevents these plugins from working while behind a reverse proxy. I am not able to update to 4.50 (version where the issue is fixed) or make changes to the current 4.30 image, other that changing configs like web.config and appsettings.json.

I need a way to fix this return_url address issue or some way to work around it.

One of the ideas I wanted to try is using nginx to replace the http with https in the request, but I do not know how to do it or if there is some sort of check that would prevent that.

Update: The nginx https replacement did not work, seems there is some kind of anti-tampering built in

Answer 1

From the HttpsRequirementAttribute action filter, you can see how nopCommerce handle the http==>https.

Please go to the bellow location src==>Presentation==>Nop.Web.Framework==>Mvc==>Filters==>HttpsRequirementAttribute.cs

here you will see the switch case for HTTP to HTTPS. We comment out this code and handle it from the load balancer and web. config for http to https.

Also at the appsetting.json, we change something like bellow

"Hosting": { "UseHttpClusterHttps": false, "UseHttpXForwardedProto": false, "ForwardedHttpHeader": "" },

Hope this information will help you to deep down more about the issue.