fix: default TRUST_PROXY to 1 for Docker+reverse-proxy setups (#46)
With the previous default of 'loopback', Express ignored X-Forwarded-Proto headers from Caddy/nginx when running in Docker (bridge IP, not loopback). This caused req.secure=false, which made express-session silently drop the session cookie on login - resulting in a 401 on every subsequent request. Changing the default to 1 (trust one proxy hop) fixes this for all standard Docker+reverse-proxy deployments without requiring manual configuration.
This commit is contained in:
Ulas
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "oikos",
|
||||
"version": "0.18.1",
|
||||
"version": "0.18.2",
|
||||
"description": "Self-hosted family planner - calendar, tasks, shopping, meal planning, budget and more. Private, open-source, no subscription.",
|
||||
"main": "server/index.js",
|
||||
"type": "module",
|
||||
|
||||
Reference in New Issue
Block a user