mirrors/woodpecker
1
0
Fork 0
mirror of https://github.com/woodpecker-ci/woodpecker.git synced 2025-04-26 21:44:44 +00:00
Code Issues Projects Releases Wiki Activity

Adds RFC7239 checks to the new location middleware.

Browse source 
The RFC7239 is the standard way to define headers about reverse proxy
redirections. It replaces all the X-Forwarded-* previous way of defining them.
We let the previous implementations exist to avoid breaking existant installations.
This commit is contained in:
Tanguy Herrmann 2015-12-03 18:36:55 +01:00
parent 69f5d90fd3
commit 4fde58d57e
1 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
router/middleware/location/location.go
View file

@ -15,6 +15,27 @@ func Resolve(c *gin.Context) {
c.Next() c.Next()
} }
// parseHeader parses non unique headers value
// from a http.Request and return a slice of the values
// queried from the header
func parseHeader(r *http.Request, header string, token string) (val []string) {
for _, v := range r.Header[header] {
options := strings.Split(v, ";")
for _, o := range options {
keyvalue := strings.Split(o, "=")
var key, value string
if len(keyvalue) > 1 {
key, value = strings.TrimSpace(keyvalue[0]), strings.TrimSpace(keyvalue[1])
}
key = strings.ToLower(key)
if key == token {
val = append(val, value)
}
}
}
return
}
// resolveScheme is a helper function that evaluates the http.Request // resolveScheme is a helper function that evaluates the http.Request
// and returns the scheme, HTTP or HTTPS. It is able to detect, // and returns the scheme, HTTP or HTTPS. It is able to detect,
// using the X-Forwarded-Proto, if the original request was HTTPS // using the X-Forwarded-Proto, if the original request was HTTPS
@ -29,6 +50,8 @@ func resolveScheme(r *http.Request) string {
return "https" return "https"
case r.Header.Get("X-Forwarded-Proto") == "https": case r.Header.Get("X-Forwarded-Proto") == "https":
return "https" return "https"
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "proto")) != 0 && parseHeader(r, "Forwarded", "proto")[0] == "https":
return "https"
default: default:
return "http" return "http"
} }
@ -46,8 +69,12 @@ func resolveHost(r *http.Request) string {
return r.URL.Host return r.URL.Host
case len(r.Header.Get("X-Forwarded-For")) != 0: case len(r.Header.Get("X-Forwarded-For")) != 0:
return r.Header.Get("X-Forwarded-For") return r.Header.Get("X-Forwarded-For")
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "for")) != 0:
return parseHeader(r, "Forwarded", "for")[0]
case len(r.Header.Get("X-Host")) != 0: case len(r.Header.Get("X-Host")) != 0:
return r.Header.Get("X-Host") return r.Header.Get("X-Host")
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "host")) != 0:
return parseHeader(r, "Forwarded", "host")[0]
case len(r.Header.Get("XFF")) != 0: case len(r.Header.Get("XFF")) != 0:
return r.Header.Get("XFF") return r.Header.Get("XFF")
case len(r.Header.Get("X-Real-IP")) != 0: case len(r.Header.Get("X-Real-IP")) != 0: