Add option to rewrite redirects

shared/management/http/api/openapi.yml

@@ -2865,6 +2865,9 @@ components:
         pass_host_header:
           type: boolean
           description: When true, the original client Host header is passed through to the backend instead of being rewritten to the backend's address
+        rewrite_redirects:
+          type: boolean
+          description: When true, Location headers in backend responses are rewritten to replace the backend address with the public-facing domain
         auth:
           $ref: '#/components/schemas/ReverseProxyAuthConfig'
         meta:
@@ -2925,6 +2928,9 @@ components:
         pass_host_header:
           type: boolean
           description: When true, the original client Host header is passed through to the backend instead of being rewritten to the backend's address
+        rewrite_redirects:
+          type: boolean
+          description: When true, Location headers in backend responses are rewritten to replace the backend address with the public-facing domain
         auth:
           $ref: '#/components/schemas/ReverseProxyAuthConfig'
       required:

shared/management/http/api/types.gen.go

@@ -1992,6 +1992,9 @@ type ReverseProxy struct {
 	// ProxyCluster The proxy cluster handling this reverse proxy (derived from domain)
 	ProxyCluster *string `json:"proxy_cluster,omitempty"`
 
+	// RewriteRedirects When true, Location headers in backend responses are rewritten to replace the backend address with the public-facing domain
+	RewriteRedirects *bool `json:"rewrite_redirects,omitempty"`
+
 	// Targets List of target backends for this reverse proxy
 	Targets []ReverseProxyTarget `json:"targets"`
 }
@@ -2065,6 +2068,9 @@ type ReverseProxyRequest struct {
 	// PassHostHeader When true, the original client Host header is passed through to the backend instead of being rewritten to the backend's address
 	PassHostHeader *bool `json:"pass_host_header,omitempty"`
 
+	// RewriteRedirects When true, Location headers in backend responses are rewritten to replace the backend address with the public-facing domain
+	RewriteRedirects *bool `json:"rewrite_redirects,omitempty"`
+
 	// Targets List of target backends for this reverse proxy
 	Targets []ReverseProxyTarget `json:"targets"`
 }

shared/management/proto/proxy_service.pb.go

@@ -399,6 +399,9 @@ type ProxyMapping struct {
 	// When true, the original Host header from the client request is passed
 	// through to the backend instead of being rewritten to the backend's address.
 	PassHostHeader bool `protobuf:"varint,8,opt,name=pass_host_header,json=passHostHeader,proto3" json:"pass_host_header,omitempty"`
+	// When true, Location headers in backend responses are rewritten to replace
+	// the backend address with the public-facing domain.
+	RewriteRedirects bool `protobuf:"varint,9,opt,name=rewrite_redirects,json=rewriteRedirects,proto3" json:"rewrite_redirects,omitempty"`
 }
 
 func (x *ProxyMapping) Reset() {
@@ -489,6 +492,13 @@ func (x *ProxyMapping) GetPassHostHeader() bool {
 	return false
 }
 
+func (x *ProxyMapping) GetRewriteRedirects() bool {
+	if x != nil {
+		return x.RewriteRedirects
+	}
+	return false
+}
+
 // SendAccessLogRequest consists of one or more AccessLogs from a Proxy.
 type SendAccessLogRequest struct {
 	state         protoimpl.MessageState

shared/management/proto/proxy_service.proto

@@ -67,6 +67,9 @@ message ProxyMapping {
   // When true, the original Host header from the client request is passed
   // through to the backend instead of being rewritten to the backend's address.
   bool pass_host_header = 8;
+  // When true, Location headers in backend responses are rewritten to replace
+  // the backend address with the public-facing domain.
+  bool rewrite_redirects = 9;
 }
 
 // SendAccessLogRequest consists of one or more AccessLogs from a Proxy.