Home Esplora Aiuto
Registrati Accedi
oscarleiva
/
energylink
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

remove X-Forwarded-* headers added by nginx when proxying data source & plugin requests (#8418)

* remove X-Forwarded-* headers added by nginx when proxying data source & plugin requests

* properly handle X-Forwarded-For
Dan Cech 8 anni fa
parent
d318c9093f
commit
e4cb103966
2 ha cambiato i file con 44 aggiunte e 1 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 22 0
      pkg/api/dataproxy.go
  2. 22 1
      pkg/api/pluginproxy/pluginproxy.go

+ 22 - 0
pkg/api/dataproxy.go
Vedi File 

@@ -3,6 +3,7 @@ package api
 
 import (
 
 	"bytes"
 
 	"io/ioutil"
 
+	"net"
 
 	"net/http"
 
 	"net/http/httputil"
 
 	"net/url"
 
@@ -62,6 +63,27 @@ func NewReverseProxy(ds *m.DataSource, proxyPath string, targetUrl *url.URL) *ht
 
 		// clear cookie headers
 
 		req.Header.Del("Cookie")
 
 		req.Header.Del("Set-Cookie")
 
+
 
+		// clear X-Forwarded Host/Port/Proto headers
 
+		req.Header.Del("X-Forwarded-Host")
 
+		req.Header.Del("X-Forwarded-Port")
 
+		req.Header.Del("X-Forwarded-Proto")
 
+
 
+		// set X-Forwarded-For header
 
+		if req.RemoteAddr != "" {
 
+			remoteAddr, _, err := net.SplitHostPort(req.RemoteAddr)
 
+			if err != nil {
 
+				remoteAddr = req.RemoteAddr
 
+			}
 
+			if req.Header.Get("X-Forwarded-For") != "" {
 
+				req.Header.Set("X-Forwarded-For", req.Header.Get("X-Forwarded-For")+", "+remoteAddr)
 
+			} else {
 
+				req.Header.Set("X-Forwarded-For", remoteAddr)
 
+			}
 
+		}
 
+
 
+		// reqBytes, _ := httputil.DumpRequestOut(req, true);
 
+		// log.Trace("Proxying datasource request: %s", string(reqBytes))
 
 	}
 
 
 	return &httputil.ReverseProxy{Director: director, FlushInterval: time.Millisecond * 200}

+ 22 - 1
pkg/api/pluginproxy/pluginproxy.go
Vedi File 

@@ -5,6 +5,7 @@ import (
 
 	"encoding/json"
 
 	"errors"
 
 	"fmt"
 
+	"net"
 
 	"net/http"
 
 	"net/http/httputil"
 
 	"net/url"
 
@@ -71,7 +72,25 @@ func NewApiPluginProxy(ctx *middleware.Context, proxyPath string, route *plugins
 
 		req.Header.Del("Cookie")
 
 		req.Header.Del("Set-Cookie")
 
 
-		//Create a HTTP header with the context in it.
 
+		// clear X-Forwarded Host/Port/Proto headers
 
+		req.Header.Del("X-Forwarded-Host")
 
+		req.Header.Del("X-Forwarded-Port")
 
+		req.Header.Del("X-Forwarded-Proto")
 
+
 
+		// set X-Forwarded-For header
 
+		if req.RemoteAddr != "" {
 
+			remoteAddr, _, err := net.SplitHostPort(req.RemoteAddr)
 
+			if err != nil {
 
+				remoteAddr = req.RemoteAddr
 
+			}
 
+			if req.Header.Get("X-Forwarded-For") != "" {
 
+				req.Header.Set("X-Forwarded-For", req.Header.Get("X-Forwarded-For")+", "+remoteAddr)
 
+			} else {
 
+				req.Header.Set("X-Forwarded-For", remoteAddr)
 
+			}
 
+		}
 
+
 
+		// Create a HTTP header with the context in it.
 
 		ctxJson, err := json.Marshal(ctx.SignedInUser)
 
 		if err != nil {
 
 			ctx.JsonApiErr(500, "failed to marshal context to json.", err)
 
@@ -93,6 +112,8 @@ func NewApiPluginProxy(ctx *middleware.Context, proxyPath string, route *plugins
 
 			}
 
 		}
 
 
+		// reqBytes, _ := httputil.DumpRequestOut(req, true);
 
+		// log.Trace("Proxying plugin request: %s", string(reqBytes))
 
 	}
 
 
 	return &httputil.ReverseProxy{Director: director}