forked from Deuxfleurs/tricot
Try to fix duplicate Host header issue
- disable HTTP/2 for backend connections, even when using TLS
- forbid hyper from adding a Host header
parent
ea050c7045
commit
b1ac01f53e
2 changed files with 9 additions and 5 deletions
|
@ -22,7 +22,7 @@ pub const PROXY_TIMEOUT: Duration = Duration::from_secs(60);
|
|||
|
||||
const HOP_HEADERS: &[HeaderName] = &[
|
||||
header::CONNECTION,
|
||||
//header::KEEP_ALIVE,
|
||||
// header::KEEP_ALIVE, // not found in http::header
|
||||
header::PROXY_AUTHENTICATE,
|
||||
header::PROXY_AUTHORIZATION,
|
||||
header::TE,
|
||||
|
@ -69,7 +69,8 @@ fn create_proxied_request<B>(
|
|||
) -> Result<Request<B>> {
|
||||
let mut builder = Request::builder()
|
||||
.method(request.method())
|
||||
.uri(forward_uri(forward_url, &request)?);
|
||||
.uri(forward_uri(forward_url, &request)?)
|
||||
.version(hyper::Version::HTTP_11);
|
||||
|
||||
*builder.headers_mut().unwrap() = remove_hop_headers(request.headers());
|
||||
|
||||
|
@ -133,7 +134,7 @@ pub async fn call(
|
|||
let mut connector = HttpConnector::new();
|
||||
connector.set_connect_timeout(Some(PROXY_TIMEOUT));
|
||||
|
||||
let client: Client<_, hyper::Body> = Client::builder().build(connector);
|
||||
let client: Client<_, hyper::Body> = Client::builder().set_host(false).build(connector);
|
||||
|
||||
let response = client.request(proxied_request).await?;
|
||||
|
||||
|
@ -161,7 +162,7 @@ pub async fn call_https(
|
|||
http_connector.set_connect_timeout(Some(PROXY_TIMEOUT));
|
||||
let connector = HttpsConnectorFixedDnsname::new(tls_config, "dummy", http_connector);
|
||||
|
||||
let client: Client<_, hyper::Body> = Client::builder().build(connector);
|
||||
let client: Client<_, hyper::Body> = Client::builder().set_host(false).build(connector);
|
||||
let response = client.request(proxied_request).await?;
|
||||
|
||||
trace!("Inner response (HTTPS): {:?}", response);
|
||||
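Review bot: With `.set_host(false)` on both clients (in `call` and `call_https`), nothing in the visible lines guarantees that the proxied HTTP/1.1 request leaves with exactly one Host header. `create_proxied_request` copies the client's headers through `remove_hop_headers`, so a request that arrived without Host (HTTP/2 clients typically send `:authority` instead) or with several Host values would be forwarded in that state. If the backend then acts on a different Host value than the one the proxy routed on, the two disagree about which virtual host is being served, so I would normalise it right after the header copy, e.g. `builder.headers_mut().unwrap().insert(header::HOST, host_value);`, where `host_value` is the single validated host the route was matched on (`HeaderMap::insert` replaces every existing value). The rest of `create_proxied_request` is outside the hunk, so this may already happen further down; in that case a comment next to `.set_host(false)` saying where Host is set would be enough.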
|
|
|
@ -21,7 +21,9 @@ pub struct HttpsConnectorFixedDnsname<T> {
|
|||
tls_config: Arc<rustls::ClientConfig>,
|
||||
fixed_dnsname: &'static str,
|
||||
}
|
||||
|
||||
type BoxError = Box<dyn std::error::Error + Send + Sync>;
|
||||
|
||||
impl HttpsConnectorFixedDnsname<HttpConnector> {
|
||||
pub fn new(
|
||||
mut tls_config: rustls::ClientConfig,
|
||||
|
@ -29,7 +31,7 @@ impl HttpsConnectorFixedDnsname<HttpConnector> {
|
|||
mut http: HttpConnector,
|
||||
) -> Self {
|
||||
http.enforce_http(false);
|
||||
tls_config.alpn_protocols = vec![b"h2".to_vec(), b"http/1.1".to_vec()];
|
||||
tls_config.alpn_protocols = vec![b"http/1.1".to_vec()];
|
||||
Self {
|
||||
http,
|
||||
tls_config: Arc::new(tls_config),
|
||||
|
@ -37,6 +39,7 @@ impl HttpsConnectorFixedDnsname<HttpConnector> {
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
impl<T> Service<Uri> for HttpsConnectorFixedDnsname<T>
|
||||
where
|
||||
T: Service<Uri>,
|
||||
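Review bot: The ALPN assignment in `HttpsConnectorFixedDnsname::new` now has to stay in step with `.version(hyper::Version::HTTP_11)` in the proxy code, but nothing at the assignment says so. `new` also silently overwrites whatever `alpn_protocols` the caller had set on `tls_config`. I would add a comment on that line such as `// Offer only http/1.1 to the backend: proxied requests are built as HTTP/1.1 and carry the forwarded Host header themselves`, and state the overwrite in a doc comment on `new`, so that `h2` is not re-added later without revisiting the Host handling. The body of `new` starts and ends outside these hunks.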
|
|