oikos

openclaw/oikos

Fork 0

Commit Graph

Author	SHA1	Message	Date
Ulas	3f387b616e	fix: default TRUST_PROXY to 1 for Docker+reverse-proxy setups (#46 ) With the previous default of 'loopback', Express ignored X-Forwarded-Proto headers from Caddy/nginx when running in Docker (bridge IP, not loopback). This caused req.secure=false, which made express-session silently drop the session cookie on login - resulting in a 401 on every subsequent request. Changing the default to 1 (trust one proxy hop) fixes this for all standard Docker+reverse-proxy deployments without requiring manual configuration.	2026-04-14 09:04:06 +02:00
Ulas	2f6127911e	fix(imports): convert require() to ESM import for randomBytes in auth.js	2026-04-03 23:00:38 +02:00

Author

SHA1

Message

Date

Ulas

3f387b616e

fix: default TRUST_PROXY to 1 for Docker+reverse-proxy setups (#46 )

With the previous default of 'loopback', Express ignored X-Forwarded-Proto
headers from Caddy/nginx when running in Docker (bridge IP, not loopback).
This caused req.secure=false, which made express-session silently drop the
session cookie on login - resulting in a 401 on every subsequent request.

Changing the default to 1 (trust one proxy hop) fixes this for all standard
Docker+reverse-proxy deployments without requiring manual configuration.

2026-04-14 09:04:06 +02:00

Ulas

2f6127911e

fix(imports): convert require() to ESM import for randomBytes in auth.js

2026-04-03 23:00:38 +02:00

2 Commits