From cb682ac5840dd6217dc1157fd31d4116fc81870b Mon Sep 17 00:00:00 2001
From: James Allen <james@sharelatex.com>
Date: Wed, 25 Jun 2014 10:34:23 +0100
Subject: [PATCH] Add in more robust support for being behind a proxy

---
 services/web/app/coffee/infrastructure/Server.coffee | 6 ++++--
 services/web/app/coffee/router.coffee                | 3 +++
 services/web/config/settings.defaults.coffee         | 5 +++++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/services/web/app/coffee/infrastructure/Server.coffee b/services/web/app/coffee/infrastructure/Server.coffee
index 22600b4e39..5290a65233 100644
--- a/services/web/app/coffee/infrastructure/Server.coffee
+++ b/services/web/app/coffee/infrastructure/Server.coffee
@@ -37,14 +37,16 @@ ignoreCsrfRoutes = []
 app.ignoreCsrf = (method, route) ->
 	ignoreCsrfRoutes.push new express.Route(method, route)
 
-app.configure ()->
+app.configure () ->
+	if Settings.behindProxy
+		app.enable('trust proxy')
 	app.use express.static(__dirname + '/../../../public', {maxAge: staticCacheAge })
 	app.set 'views', __dirname + '/../../views'
 	app.set 'view engine', 'jade'
 	app.use express.bodyParser(uploadDir: Settings.path.uploadFolder)
 	app.use cookieParser
 	app.use express.session
-		proxy: true
+		proxy: Settings.behindProxy
 		cookie:
 			maxAge: cookieSessionLength
 			secure: Settings.secureCookie
diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee
index 2206e495e8..b019865bf7 100644
--- a/services/web/app/coffee/router.coffee
+++ b/services/web/app/coffee/router.coffee
@@ -198,6 +198,9 @@ module.exports = class Router
 				userCanSeeDropbox: true
 				languages: []
 
+		app.get "/ip", (req, res, next) ->
+			res.send("ShareLaTeX sees your IP as: #{req.ip}")
+
 		app.get '/oops-express', (req, res, next) -> next(new Error("Test error"))
 		app.get '/oops-internal', (req, res, next) -> throw new Error("Test error")
 		app.get '/oops-mongo', (req, res, next) ->
diff --git a/services/web/config/settings.defaults.coffee b/services/web/config/settings.defaults.coffee
index 276e513efd..098e54e9d2 100644
--- a/services/web/config/settings.defaults.coffee
+++ b/services/web/config/settings.defaults.coffee
@@ -191,6 +191,11 @@ module.exports =
 	# cookie with a secure flag (recommended).
 	secureCookie: false
 
+	# If you are running ShareLaTeX behind a proxy (like Apache, Nginx, etc)
+	# then set this to true to allow it to correctly detect the forwarded IP
+	# address and http/https protocol information.
+	behindProxy: false
+
 	# Internal configs
 	# ----------------
 	path: