fix: prevent [No Host] panel errors behind CDN or missing Host header

Force nginx to pass the domain as Host, add PANEL_DOMAIN fallback in Flask,
and document that the admin panel must be accessed over HTTP not HTTPS.

Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
dekun
2026-06-16 10:28:00 +08:00
parent 6d82c7eb07
commit ba361eb5b8
5 changed files with 57 additions and 3 deletions
+24 -1
View File
@@ -47,9 +47,32 @@ app.config.update(
)
_panel_path = os.environ.get("PANEL_PATH", "").strip().strip("/")
_panel_domain = os.environ.get("PANEL_DOMAIN", "").strip()
if _panel_path:
app.config["SESSION_COOKIE_PATH"] = f"/{_panel_path}/"
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1)
app.config["PREFERRED_URL_SCHEME"] = "http"
app.wsgi_app = ProxyFix(
app.wsgi_app, x_for=1, x_proto=1, x_host=0, x_prefix=1
)
class _PanelHostMiddleware:
"""CDN/反代未传 Host 时,避免重定向到 http://[No Host]/...。"""
def __init__(self, app, domain: str):
self.app = app
self.domain = domain
def __call__(self, environ, start_response):
if self.domain and not environ.get("HTTP_HOST"):
environ["HTTP_HOST"] = self.domain
if not environ.get("HTTP_X_FORWARDED_PROTO"):
environ["HTTP_X_FORWARDED_PROTO"] = "http"
return self.app(environ, start_response)
if _panel_domain:
app.wsgi_app = _PanelHostMiddleware(app.wsgi_app, _panel_domain)
def login_required(view):