merge

applications/KonSoft.AuthServer/KonSoftAuthServerModule.cs

@@ -56,18 +56,13 @@ public class KonSoftAuthServerModule : AbpModule
             });
         });
 
-        if (!hostingEnvironment.IsDevelopment())
+        context.Services.Configure<ForwardedHeadersOptions>(options =>
         {
-            PreConfigure<ForwardedHeadersOptions>(options =>
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
-            {
-                options.ForwardedHeaders = ForwardedHeaders.XForwardedFor |
-                                           ForwardedHeaders.XForwardedProto |
-                                           ForwardedHeaders.XForwardedHost;
-
-                options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("::ffff:127.0.0.1"), 104));
-                options.KnownProxies.Add(IPAddress.Parse("::ffff:127.0.0.1"));
         });
 
+        if (!hostingEnvironment.IsDevelopment())
+        {
             PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
             {
                 options.AddDevelopmentEncryptionAndSigningCertificate = false;
@@ -142,16 +137,19 @@ public class KonSoftAuthServerModule : AbpModule
         var app = context.GetApplicationBuilder();
         var env = context.GetEnvironment();
 
-        app.UseForwardedHeaders();
+        if (env.IsDevelopment())
-        app.Use(async (ctx, next) =>
         {
-            ctx.Request.Scheme = "https";
-            await next();
-        });
-
             app.UseDeveloperExceptionPage();
-        app.UseAbpRequestLocalization();
+            app.UseForwardedHeaders();
+        }
+        else
+        {
             app.UseErrorPage();
+            app.UseForwardedHeaders();
+            app.UseHsts();
+        }
+
+        app.UseAbpRequestLocalization();
 
         app.UseCorrelationId();
         app.UseStaticFiles();