Merge pull request #1363 from dolanor/rfc7239-middleware

RFC7239 in middleware
This commit is contained in:
Brad Rydzewski 2015-12-09 08:37:57 -08:00
commit b6de1ebf8a
2 changed files with 75 additions and 0 deletions

View file

@ -15,6 +15,27 @@ func Resolve(c *gin.Context) {
c.Next() c.Next()
} }
// parseHeader parses non unique headers value
// from a http.Request and return a slice of the values
// queried from the header
func parseHeader(r *http.Request, header string, token string) (val []string) {
for _, v := range r.Header[header] {
options := strings.Split(v, ";")
for _, o := range options {
keyvalue := strings.Split(o, "=")
var key, value string
if len(keyvalue) > 1 {
key, value = strings.TrimSpace(keyvalue[0]), strings.TrimSpace(keyvalue[1])
}
key = strings.ToLower(key)
if key == token {
val = append(val, value)
}
}
}
return
}
// resolveScheme is a helper function that evaluates the http.Request // resolveScheme is a helper function that evaluates the http.Request
// and returns the scheme, HTTP or HTTPS. It is able to detect, // and returns the scheme, HTTP or HTTPS. It is able to detect,
// using the X-Forwarded-Proto, if the original request was HTTPS // using the X-Forwarded-Proto, if the original request was HTTPS
@ -29,6 +50,8 @@ func resolveScheme(r *http.Request) string {
return "https" return "https"
case r.Header.Get("X-Forwarded-Proto") == "https": case r.Header.Get("X-Forwarded-Proto") == "https":
return "https" return "https"
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "proto")) != 0 && parseHeader(r, "Forwarded", "proto")[0] == "https":
return "https"
default: default:
return "http" return "http"
} }
@ -46,8 +69,12 @@ func resolveHost(r *http.Request) string {
return r.URL.Host return r.URL.Host
case len(r.Header.Get("X-Forwarded-For")) != 0: case len(r.Header.Get("X-Forwarded-For")) != 0:
return r.Header.Get("X-Forwarded-For") return r.Header.Get("X-Forwarded-For")
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "for")) != 0:
return parseHeader(r, "Forwarded", "for")[0]
case len(r.Header.Get("X-Host")) != 0: case len(r.Header.Get("X-Host")) != 0:
return r.Header.Get("X-Host") return r.Header.Get("X-Host")
case len(r.Header.Get("Forwarded")) != 0 && len(parseHeader(r, "Forwarded", "host")) != 0:
return parseHeader(r, "Forwarded", "host")[0]
case len(r.Header.Get("XFF")) != 0: case len(r.Header.Get("XFF")) != 0:
return r.Header.Get("XFF") return r.Header.Get("XFF")
case len(r.Header.Get("X-Real-IP")) != 0: case len(r.Header.Get("X-Real-IP")) != 0:

View file

@ -0,0 +1,48 @@
package location
import (
"github.com/franela/goblin"
"net/http"
"reflect"
"testing"
)
var mockHeader []string
var mockRequest *http.Request
var wronglyFormedHeader []string
var wronglyFormedRequest *http.Request
func init() {
mockHeader = []string{"For= 110.0.2.2", "for = \"[::1]\"; Host=example.com; foR=10.2.3.4; pRoto =https ; By = 127.0.0.1"}
mockRequest = &http.Request{Header: map[string][]string{"Forwarded": mockHeader}}
wronglyFormedHeader = []string{"Fro= 110.0.2.2", "for = \"[:1]\"% Host=example:.com| foR=10.278.3.4% poto =https | Bi % 127.0.0.1", ""}
wronglyFormedRequest = &http.Request{Header: map[string][]string{"Forwarded": wronglyFormedHeader}}
}
func TestParseForwardedHeadersProto(t *testing.T) {
g := goblin.Goblin(t)
g.Describe("Parse proto Forwarded Headers", func() {
g.It("Should parse a normal proto Forwarded header", func() {
parsedHeader := parseHeader(mockRequest, "Forwarded", "proto")
g.Assert("https" == parsedHeader[0]).IsTrue()
})
g.It("Should parse a normal for Forwarded header", func() {
parsedHeader := parseHeader(mockRequest, "Forwarded", "for")
g.Assert(reflect.DeepEqual([]string{"110.0.2.2", "\"[::1]\"", "10.2.3.4"}, parsedHeader)).IsTrue()
})
g.It("Should parse a normal host Forwarded header", func() {
parsedHeader := parseHeader(mockRequest, "Forwarded", "host")
g.Assert("example.com" == parsedHeader[0]).IsTrue()
})
g.It("Should parse a normal by Forwarded header", func() {
parsedHeader := parseHeader(mockRequest, "Forwarded", "by")
g.Assert("127.0.0.1" == parsedHeader[0]).IsTrue()
})
g.It("Should not crash if a wrongly formed Forwarder header is sent", func() {
parsedHeader := parseHeader(wronglyFormedRequest, "Forwarded", "by")
g.Assert(len(parsedHeader) == 0).IsTrue()
})
})
}