Download URLs do not work with a proxy server in front

[bbrendon]

I spun this up and have haproxy forwarding to express. The SSL is on HAproxy, and express is running as http.

I added the haproxy URL using https as source to choco.

I get back :

...
Installing the following packages:
openssl
By installing, you accept licenses for the packages.
Downloading package from source 'https://url.com/'
[NuGet] Error downloading 'chocolatey-windowsupdate.extension.1.0.5' from 'http://url.com/download/chocolatey-windowsupdate.extension'.
[NuGet] An error occurred while sending the request.

Notice above the https is missing from the nuget line?

Any solutions?

I'm going to attempt an HTTP -> HTTPS redirect but that isn't the best solution.

[joeyparrish]

Is chocolatey constructing that plain HTTP URL, or is the server constructing a plain HTTP URL in response to some HTTPS request?

[joeyparrish]

This could be relevant:

express-chocolatey-server/chocolatey-server.js

Lines 98 to 105 in 750d8f9

	// If we have a buffer for the nupkg file, add a URL that points back to
	// this server to download it. Applications can also provide an explicit,
	// off-site URL. {EXPRESS_URL_ROOT} will be replaced by the root of the
	// request right before serving the response, so that responses can contain
	// absolute URLs without preconfiguring the server with its own address.
	if (entry.nupkgData) {
	entry.url = `{EXPRESS_URL_ROOT}${prefix}download/${entry.id}`;
	}

And this:

express-chocolatey-server/chocolatey-server.js

Lines 176 to 186 in 750d8f9

	function formatPackages(matchedPackages, req) {
	const entries = matchedPackages.map((entry) => {
	return entryTemplate.replace(/{(.*)}/g, (match, key) => xmlescape(entry[key]) || '');
	});
	const url_root = req.protocol + '://' + req.get('host');
	return packagesTemplate
	.replace(/{entries}\n/g, entries.join(''))
	.replace(/{EXPRESS_URL_ROOT}/, url_root);
	}

I think this explains it. This server will construct absolute URLs based on the request, which is the plain HTTP request forwarded from HAProxy.

This zero-config scheme I built doesn't work with a proxy, since the underlying server can't know the address of the proxy.

I think you would need to add some config to supply the URL root when using a proxy.

I suggest you send a PR that:

1. Adds a URL root parameter to configureRoutes. If null/undefined, the existing behavior is used where we deduce the URL root from the incoming request in formatPackages.
2. Add a parameter parser (we use yargs in our other JS projects) and a command-line argument in cli.js to supply this config to configureRoutes.
3. Add an example of this to the "Standalone server" section of README.md