Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow to proxy from HTTPS to HTTP #6869

Open
1 task done
dluc opened this issue Dec 5, 2024 · 1 comment
Open
1 task done

Allow to proxy from HTTPS to HTTP #6869

dluc opened this issue Dec 5, 2024 · 1 comment
Labels
area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication untriaged New issue has not been triaged

Comments

@dluc
Copy link

dluc commented Dec 5, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Is your feature request related to a problem? Please describe the problem.

When using .WithHttpEndpoint() Aspire automatically proxies, from an HTTP endpoint to target HTTP endpoint.

When using .WithHttpsEndpoint() Aspire automatically proxies from an HTTPS endpoint to target HTTP endpoint. In this scenario, it leverages .NET dev cert, which is trusted, a nice to have when working with web apps locally, so the user doesn't get security alerts.

However, there is no way to have an HTTPS endpoing proxying to a target HTTP endpoint. For instance, when serving a web site and working with OAuth, one might need to use HTTPS.

On Azure, the platform takes care of proxying from HTTPS to HTTP.
Aspire doesn't offer the same, so one has to implement SSL locally with custom certs, to be created and configured, leading to more work. Another approach is spinning up, only locally, a reverse proxy app/container like stunnel, grok, and similar, to do that, something like this:

var httpApp = builder
                 .AddProject<MyApp>()
                 .WithHttpEndpoint();

var httpsApp = builder.AddProject<Proxy>()
                 .WithEnvironment("TARGET_ENDPOINT", httpApp.GetEndpoint("http"))
                 .WithHttpsEndpoint();

Describe the solution you'd like

Allow to map from HTTPS to HTTP, something like

var httpsApp = builder
                 .AddProject<MyApp>()
                 .WithHttpsEndpoint(httpsTarget = false); // the internal endpoint will be http://...

This way, the HTTPS endpoint will leverage .NET dev cert, and the internal endpoint is a simple HTTP endpoint that doesn't require and SSL configuration.
@joperezr joperezr added the untriaged New issue has not been triaged label Dec 9, 2024
@DamianEdwards
Copy link
Member

The proxying that Aspire does during the local dev inner loop today is TCP-level, not HTTP level, so it can't easily proxy from HTTPS to HTTP. There are other issues covering HTTP ingress and better support for HTTPS using the dev cert though that would likely improve your scenario:

@joperezr joperezr added the area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication label Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-app-model Issues pertaining to the APIs in Aspire.Hosting, e.g. DistributedApplication untriaged New issue has not been triaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DamianEdwards @dluc @joperezr