From debae34b339950b98599992cd73f6d47fce48199 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20St=C3=BCrmer?= Date: Tue, 18 Oct 2016 19:55:31 +0200 Subject: [PATCH] URI-encode forwarded location header in proxy Right now there are situations in which ElasticSearch puts characters in the character code range between 128 and 255 into the `Location` header. This leads to an exception when trying to pass on that header through the hapi proxy in versions before 15.0.0, because it validates that only US-ASCII characters are used in headers. To work around that situation, the `Location` header is encoded using `encodeURI()` for now. Closes #8705 --- src/core_plugins/elasticsearch/lib/create_proxy.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/core_plugins/elasticsearch/lib/create_proxy.js b/src/core_plugins/elasticsearch/lib/create_proxy.js index 2ef2bd1da56d8..44490ca5720d8 100644 --- a/src/core_plugins/elasticsearch/lib/create_proxy.js +++ b/src/core_plugins/elasticsearch/lib/create_proxy.js @@ -20,7 +20,14 @@ function createProxy(server, method, route, config) { xforward: true, timeout: server.config().get('elasticsearch.requestTimeout'), onResponse: function (err, responseFromUpstream, request, reply) { - reply(err, responseFromUpstream); + const upstreamLocation = responseFromUpstream.headers.location; + const response = reply(err, responseFromUpstream); + + // Workaround for #8705 until hapi has been updated to >= 15.0.0 + if (upstreamLocation) { + delete responseFromUpstream.headers.location; + response.location(encodeURI(upstreamLocation)); + } } } },