added "trust proxy" config option with default to true

src/install.js

@@ -25,7 +25,13 @@ var async = require('async'),
 			description: 'Use a port number to access NodeBB?',
 			'default': (nconf.get('use_port') !== undefined ? (nconf.get('use_port') ? 'y' : 'n') : 'y'),
 			pattern: /y[es]*|n[o]?/,
-			message: 'Please enter \'yes\' or \'no\'',
+			message: 'Please enter \'yes\' or \'no\''
+		}, {
+			name: 'use_proxy',
+			description: 'is NodeBB behind a proxy?',
+			'default': (nconf.get('use_proxy') !== undefined ? (nconf.get('use_proxy') ? 'y' : 'n') : 'y'),
+			pattern: /y[es]*|n[o]?/,
+			message: 'Please enter \'yes\' or \'no\''
 		}, {
 			name: 'secret',
 			description: 'Please enter a NodeBB secret',
@@ -141,6 +147,7 @@ var async = require('async'),
 							config.bcrypt_rounds = 12;
 							config.upload_path = '/public/uploads';
 							config.use_port = config.use_port.slice(0, 1) === 'y';
+							config.use_proxy = config.use_proxy.slice(0, 1) === 'y';
 
 							var urlObject = url.parse(config.base_url),
 								relative_path = (urlObject.pathname && urlObject.pathname.length > 1) ? urlObject.pathname : '',
@@ -218,7 +225,7 @@ var async = require('async'),
 							value: 1
 						}, {
 							field: 'allowFileUploads',
-							value: 0,
+							value: 0
 						}, {
 							field: 'maximumFileSize',
 							value: 2048

src/login.js

@@ -93,7 +93,7 @@ var user = require('./user'),
 				});
 			}
 		});
-	}
+	};
 
 	Login.loginViaGoogle = function(gplusid, handle, email, callback) {
 		user.getUidByGoogleId(gplusid, function(err, uid) {
@@ -115,7 +115,7 @@ var user = require('./user'),
 					callback(null, {
 						uid: uid
 					});
-				}
+				};
 
 				user.getUidByEmail(email, function(err, uid) {
 					if(err) {
@@ -136,7 +136,7 @@ var user = require('./user'),
 				});
 			}
 		});
-	}
+	};
 
 	Login.loginViaFacebook = function(fbid, name, email, callback) {
 		user.getUidByFbid(fbid, function(err, uid) {
@@ -158,7 +158,7 @@ var user = require('./user'),
 					callback(null, {
 						uid: uid
 					});
-				}
+				};
 
 				user.getUidByEmail(email, function(err, uid) {
 					if(err) {

src/webserver.js

@@ -191,6 +191,24 @@ if(nconf.get('ssl')) {
 
 				app.use(express.csrf());
 
+				// double negative here to support config.json without 'use_proxy' set to true, so unless it's specifically set to false, it's true
+				// todo: remove double negative with a minor release, where backward compatibility can be broken
+				// and if dev mode, then it's probably not behind a proxy but it can be forced by setting 'use_proxy' to '1'
+
+				if (nconf.get('use_proxy') === false) {
+					winston.info('\'use_proxy\' is set to false in config file, skipping \'trust proxy\'');
+
+				} else if (!nconf.get('use_proxy') && process.env.NODE_ENV === 'development') {
+					winston.info('\'use_proxy\' is not set, skipping because you\'re in development env. Set to true to force enabling it.');
+
+				} else {
+					winston.info('\'use_proxy\''
+						+ (nconf.get('use_proxy') === true ? ' is set to true ' : ' is not set ')
+						+ 'in config file, enabling \'trust proxy\', set to false to disable it.');
+
+					app.enable('trust proxy');
+				}
+
 				// Local vars, other assorted setup
 				app.use(function (req, res, next) {
 					nconf.set('https', req.secure);
@@ -210,7 +228,7 @@ if(nconf.get('ssl')) {
 						user.setUserField(req.user.uid, 'lastonline', Date.now());
 					}
 					next();
-				})
+				});
 
 				next();
 			},