Added 'proxy_set_header X-Forwarded-Proto $scheme;' to nginx

configuration. Clearance/Devise authentication over HTTPS would fail without it due to CSRF errors. This issue explains it best: heartcombo/devise#2734
bluz71 · Feb 16, 2017 · 7d08438 · 7d08438
1 parent 424433b
commit 7d08438
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/config/nginx.conf b/config/nginx.conf
@@ -64,6 +64,11 @@ server {
     location @app {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header Host $http_host;
+        # X-Forwarded-Proto is required for Devise/Clearance authentication
+        # to work over HTTPS otherwise both will fail with 'Can't verify CSRF
+        # token authenticity' errors. See this issue for more details:
+        #   https://github.com/plataformatec/devise/issues/2734
+        proxy_set_header X-Forwarded-Proto $scheme;
         proxy_redirect off;
 
         proxy_pass http://app;