Fix protocol serve detection for clustered repositories that terminate HTTPS

Description

Summary:
Ref T10927. Pretty sure the issue is:

  • User makes an HTTPS request.
  • Load balancer terminates it, but with an X-Forwarded-Proto header.
  • secure001 (or whatever; acting as web host) proxies it to secure002 (or whatever; acting as a repository host). This connection is plain HTTP.
  • Since this proxied connection is plain HTTP, we check if the repository can serve over "http", but it can't: only "https". So we fail incorrectly, even though the original user request was HTTPS.

In the long run we should probably forward the X-Forwarded-Proto header, but that has some weird implications and it's broadly fine to allow either protocol to serve as long as the other one is active: configuration like security.require-https is already stronger than these settings.

Test Plan: This is likely only observable in production, but normal cloning still works locally.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10927

Differential Revision: https://secure.phabricator.com/D15856
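
A simplified model of the request path described in the summary, added here as an illustration and not taken from the Phabricator change itself. The function names, the hop dictionaries and the protocol sets are hypothetical; it compares a strict per-hop check, the relaxed check the summary describes, and the header-forwarding alternative.

```python
# Added illustration: a simplified model, not Phabricator's code.
# All names below are hypothetical.
WEB = {"http", "https"}


def proxy(transport, headers, forward_proto):
    """Build the next hop's view of a request that this host proxies onward."""
    out = {}
    if forward_proto and "X-Forwarded-Proto" in headers:
        out["X-Forwarded-Proto"] = headers["X-Forwarded-Proto"]
    return {"transport": transport, "headers": out}


def seen_protocol(hop, trust_forwarded):
    """Protocol the receiving host believes the request used."""
    if trust_forwarded:
        return hop["headers"].get("X-Forwarded-Proto", hop["transport"]).lower()
    return hop["transport"]


def strict_can_serve(enabled, proto):
    """Serve only if the protocol seen on this hop is enabled for the repository."""
    return proto in enabled


def relaxed_can_serve(enabled, proto):
    """Treat http and https as one family: either may serve if the other is enabled."""
    if proto in WEB:
        return bool(WEB & enabled)
    return proto in enabled


def simulate(enabled, forward_proto, check):
    """Run the user -> load balancer -> web host -> repository host path."""
    # The load balancer terminated the user's HTTPS and recorded the original protocol.
    at_web = {"transport": "http", "headers": {"X-Forwarded-Proto": "https"}}
    # The web host proxies to the repository host over plain HTTP.
    at_repo = proxy("http", at_web["headers"], forward_proto)
    proto = seen_protocol(at_repo, trust_forwarded=forward_proto)
    return check(set(enabled), proto)


if __name__ == "__main__":
    print("strict, header dropped:   ", simulate({"https"}, False, strict_can_serve))
    print("relaxed, header dropped:  ", simulate({"https"}, False, relaxed_can_serve))
    print("strict, header forwarded: ", simulate({"https"}, True, strict_can_serve))
    print("relaxed, ssh-only repo:   ", simulate({"ssh"}, False, relaxed_can_serve))
```

The header-forwarding variant is only sound when the repository host accepts `X-Forwarded-Proto` solely from its own web hosts, since any other sender could claim the request arrived over HTTPS.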