as far as I was able to notice, since 23.1 I have seen the following anomalies (setup is Route 53 > NGINX Reverse Proxy > ADB):
on the page: ords/r/apex/app-builder/apps
- the run app column launches using the ADB URL
on the page: ords/r/apex/app-builder/home
- the run app card launches using the ADB URL
- the run page button launches using my domain URL and sometimes throws the below console error
- the run page column launches using my domain URL and sometimes throws the below console error
"Uncaught DOMException: Blocked a frame with origin "https://..." from accessing a cross-origin frame."
- owa_util.get_cgi_env('HTTP_HOST') returns the ADB URL
- owa_util.get_cgi_env('X_FORWARDED_HOST') also returns the ADB URL regardless of value set for X-Forwarded-Host in NGINX config
- apex_authentication.get_callback_url returns the ADB URL
the last point above is causing a problem with any OAuth2 social sign-in as the URL doesn't match the domain it's expecting. this seems related to but can't be caused by 23.1 as I can see many posts regarding this going back years, with the only solution offered being to replace the proxy server with an Oracle load balancer.
maybe something changed with 23.1 that means APEX is now more closely emulating or relying on ORDS functionality, which is why it's picking up related quirks. ideally it would be good to know how the Oracle LBs are configured so I can copy the relevant configuration to my NGINX reverse proxy (assuming NGINX misconfiguration is the root-cause but it might not be).
as always any insights from anyone in the know would be greatly appreciated.