Hi guys! I'm having an issue here using Ory Proxy via Ory CLI. I'm taking a website to production, and at the moment using the Managed UI (though I'm busy on my own UI because of this problem). The ory proxy setup is as follows:

ory proxy <http://localhost>:<port> https://<domain>

After doing this, the proxy does tell me to access the website using https://<domain> However, when I get to the sign-in page, it is showing http://<domain> and not https://<domain> for the form-action. I am using NGINX as a proxy. Other than proxy_pass, the following is set:

proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";

I also set proxy buffering to ON, as I saw the http context was breaking. However, it still caused this http://<domain> issue in the ManagedUI form regardless. Now, if I do enter my username and password, the browser asks me if I should still send it. If I send anyway, I get the "POST, PUT, PATCH" error appearing. Please can you kindly assist? Thank you and God bless!

Thank you for the report! I'm tagging @User as he has in depth knowledge of the proxy code. Maybe we are not setting the scheme properly? Also which version of ory cli are you using? Make sure to use the latest! :)

Thank you @User and @User! And it's a pleasure! The ORY CLI version is v0.1.28 Hash 2c512117115cd2a7fa448654ce5742e10ee55eee

Glad to see you made it to our slack channel @User 😉 I will take a look quickly into this 🙂

🙌 Thanks @User!! 😉

I cannot reproduce this. Which settings do you have in your ory project? I set everything to its default and I also have no domain setup on my project - basically standard.

Thanks for the response @User Are you asking about the Project Settings available in the managed UI? Such as Identity Schema, Browser Redirects etc? If so, could I message you directly? I'll be working on my custom UI due to deadlines, but I'll also try to use Caddy and see if that works better

yes, are they on the default?

@User mostly on default. I guess I can put them here unless it's actual addresses and ports. They are as follows: • Identity Schema: ◦ Default Identity Schema (Email and Password) ◦ Not customized • No social sign-ins • User interface: currently untouched though I will update for my custom UI • Browser redirects: ◦ "/" for Global, Post-Registration Redirect and Post-Logout Redirect ◦ http://localhost:<port>/ in allowed URL ◦ https://<domain>/ in allowed URL • Authentication ◦ Checked for Enabled Registration, Enable Password Authentication and Sign In After Registration • No Two-factor Authentication • Session Settings ◦ Default hours for session lifespan ◦ Increased privileged session duration • Enable Account Recovery checked • Email verification: All checked • Custom domains: not yet set I am using NGINX with TLS. However, I have been getting that issue (as specified in the original post). I am not sure if there is an issue with my forwarding settings.

quite strange, yeah i guess it has something to do with nginx then. Could you DM me your nginx config?

Sure @User 👍

@User maybe we could add this to our documentation as a guide? We could also add a Caddy guide for local development under a local domain

Thanks for creating an issue Alano! 🙌