Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API Hardcoded to /api/, Preventing Custom Base Path Usage #4698

Open
2 tasks done
enossuy opened this issue Feb 26, 2025 · 0 comments
Open
2 tasks done

API Hardcoded to /api/, Preventing Custom Base Path Usage #4698

enossuy opened this issue Feb 26, 2025 · 0 comments
Labels
defect Something isn't working in triage

Comments

@enossuy
Copy link

enossuy commented Feb 26, 2025
edited
Loading

Current Behavior

I deployed Dependency-Track on a server using Docker Compose and configured Apache as a reverse proxy to serve the frontend at /dtrack and the API at /dtrack/api/. Although it seems the API is hardcoded to /api/, so I get a 404 http response
I attempted to configure the API to be under /dtrack/ by modifying API_BASE_URL in the docker-compose file : API_BASE_URL: "https://XXXXXXXXX.com/dtrack" and updating config.json : {
"apiBaseUrl": "https://XXXXXXXX.com/dtrack/api"
}
, but it appears it has no effect.

So I used the default configuration, meaning to use /api/ location, and this time the UI loads correctly at /dtrack, and the API requests are being made to /api/ (which is not exactly optimal)

here is my current working reverse proxy config

<VirtualHost *:443>
    ServerName XXXXXXXX.com
    ServerAdmin webmaster@localhost

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/XXXXX.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/XXXXX.com/privkey.pem

    <Location /dtrack>
      ProxyPass http://127.0.0.1:8080/dtrack
      ProxyPassReverse http://127.0.0.1:8080/dtrack
    </Location>

    <Location /api/>
      ProxyPass http://127.0.0.1:8081/api/
      ProxyPassReverse http://127.0.0.1:8081/api/
    </Location>

    <Location /js>
      ProxyPass http://127.0.0.1:8080/js
      ProxyPassReverse http://127.0.0.1:8080/js
    </Location>

    <Location /css>
      ProxyPass http://127.0.0.1:8080/css
      ProxyPassReverse http://127.0.0.1:8080/css
    </Location>

    <Location /img>
      ProxyPass http://127.0.0.1:8080/img
      ProxyPassReverse http://127.0.0.1:8080/img
    </Location>

	ErrorLog ${APACHE_LOG_DIR}/ssl-error.log
	CustomLog ${APACHE_LOG_DIR}/ssl-access.log combined


</VirtualHost>

Looking for guidance on how to properly configure the API path without breaking the frontend. (i.e. namespacing the API under /dtrack/api/)

Steps to Reproduce

  1. Deploy Dependency-Track using Docker Compose with the provided Apache reverse proxy.
  2. Modify API_BASE_URL to https://XXXXXX/dtrack and config.json to point to {"apiBaseUrl": "https://XXXXXXXX.com/dtrack/api"}
  3. Open /dtrack in a browser.
  4. Observe that API calls are made to /api/
  5. Change the reverse proxy configuration such that /api/ points to /dtrack/api/
  6. Restart services, clear cache, and reload the page.
  7. The API still requests /api/, you get 404 errors.

Expected Behavior

  • The UI should load correctly at /dtrack/.
  • API requests should go to /dtrack/api/ instead of /api/.

Dependency-Track Version

4.12.5

Dependency-Track Distribution

Container Image

Database Server

PostgreSQL

Database Server Version

17.3

Browser

Google Chrome

Checklist
@enossuy enossuy added defect Something isn't working in triage labels Feb 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect Something isn't working in triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@enossuy