Try to fix cookie issue: concatenate multiple cookie headers

This commit is contained in:
Alex 2022-02-27 19:47:41 +01:00
parent b1ac01f53e
commit d85ef18269
Signed by untrusted user: lx
GPG key ID: 0E496D15096376BE
2 changed files with 23 additions and 17 deletions

View file

@ -1,4 +1,4 @@
FROM rust:1.57-bullseye as builder FROM rust:1.58-buster as builder
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y libssl-dev pkg-config apt-get install -y libssl-dev pkg-config

View file

@ -72,22 +72,34 @@ fn create_proxied_request<B>(
.uri(forward_uri(forward_url, &request)?) .uri(forward_uri(forward_url, &request)?)
.version(hyper::Version::HTTP_11); .version(hyper::Version::HTTP_11);
*builder.headers_mut().unwrap() = remove_hop_headers(request.headers()); let headers = builder.headers_mut().unwrap();
*headers = remove_hop_headers(request.headers());
// If request does not have host header, add it from original URI authority // If request does not have host header, add it from original URI authority
if let header::Entry::Vacant(entry) = builder.headers_mut().unwrap().entry(header::HOST) { if let header::Entry::Vacant(entry) = headers.entry(header::HOST) {
if let Some(authority) = request.uri().authority() { if let Some(authority) = request.uri().authority() {
entry.insert(authority.as_str().parse()?); entry.insert(authority.as_str().parse()?);
} }
} }
// Concatenate cookie headers into single header
// (HTTP/2 allows several cookie headers, but we are proxying to
// HTTP/1.1 that does not)
let mut cookie_concat = vec![];
while let Some(cookie) = headers.remove(header::COOKIE) {
if !cookie_concat.is_empty() {
cookie_concat.extend(b"; ");
}
cookie_concat.extend_from_slice(cookie.as_bytes());
}
if !cookie_concat.is_empty() {
headers.insert(header::COOKIE, cookie_concat.try_into()?);
}
// Add forwarding information in the headers // Add forwarding information in the headers
let x_forwarded_for_header_name = "x-forwarded-for"; let x_forwarded_for_header_name = "x-forwarded-for";
match builder match headers.entry(x_forwarded_for_header_name) {
.headers_mut()
.unwrap()
.entry(x_forwarded_for_header_name)
{
header::Entry::Vacant(entry) => { header::Entry::Vacant(entry) => {
entry.insert(client_ip.to_string().parse()?); entry.insert(client_ip.to_string().parse()?);
} }
@ -98,7 +110,7 @@ fn create_proxied_request<B>(
} }
} }
builder.headers_mut().unwrap().insert( headers.insert(
HeaderName::from_bytes(b"x-forwarded-proto")?, HeaderName::from_bytes(b"x-forwarded-proto")?,
"https".try_into()?, "https".try_into()?,
); );
@ -107,14 +119,8 @@ fn create_proxied_request<B>(
if let Some(conn) = request.headers().get(header::CONNECTION) { if let Some(conn) = request.headers().get(header::CONNECTION) {
if conn.to_str()?.to_lowercase() == "upgrade" { if conn.to_str()?.to_lowercase() == "upgrade" {
if let Some(upgrade) = request.headers().get(header::UPGRADE) { if let Some(upgrade) = request.headers().get(header::UPGRADE) {
builder headers.insert(header::CONNECTION, "Upgrade".try_into()?);
.headers_mut() headers.insert(header::UPGRADE, upgrade.clone());
.unwrap()
.insert(header::CONNECTION, "Upgrade".try_into()?);
builder
.headers_mut()
.unwrap()
.insert(header::UPGRADE, upgrade.clone());
} }
} }
} }