Fix x-forwarded-for header processing for ws connections #860
Conversation
|
|
|
@leprechau could you take a look at this one? This rings of this old thread: |
proxy/http_headers.go
Outdated
| r.Header.Set("X-Forwarded-For", remoteIP) | ||
| targetHeader := []string{remoteIP} | ||
| sourceHeader := r.Header.Get("X-Forwarded-For") | ||
| if sourceHeader != "" { |
There was a problem hiding this comment.
There are some subtle things going on here. It would be good to mirror the functionality in the standard library:
https://github.com/golang/go/blob/master/src/net/http/httputil/reverseproxy.go#L296
The Get() call on the header only grabs the first element if there is more than one.
proxy/http_headers.go
Outdated
| if sourceHeader != "" { | ||
| targetHeader = append([]string{sourceHeader}, targetHeader...) | ||
| } | ||
| r.Header.Set("X-Forwarded-For", strings.Join(targetHeader, ",")) |
There was a problem hiding this comment.
Down here, these should be joined by
", "
as it is done in the standdard library here:
https://github.com/golang/go/blob/master/src/net/http/httputil/reverseproxy.go#L303
|
Agreed, we should be trying to mirror the functionality in the standard library where possible. This also shouldn't have an impact on the ACL functionality. |
nathanejohnson
force-pushed
the
master
branch
2 times, most recently
from
a55de9d to
04f958c
Compare
…golang standard library code
|
@nathanejohnson / @leprechau can this be released in a |
Fix
x-forwarded-forheader processing logic for ws connections.Instead of simply use remoteIP as
x-forwarded-forheader for backend, server add remoteIP to the end ofx-forwarded-forheader from client and send result to backend.This PR possibly connected with issue #828