2017-02-07 21:33:23 +00:00
|
|
|
package forward
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net"
|
|
|
|
"net/http"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/vulcand/oxy/utils"
|
|
|
|
)
|
|
|
|
|
|
|
|
// Rewriter is responsible for removing hop-by-hop headers and setting forwarding headers
|
|
|
|
type HeaderRewriter struct {
|
|
|
|
TrustForwardHeader bool
|
|
|
|
Hostname string
|
|
|
|
}
|
|
|
|
|
|
|
|
func (rw *HeaderRewriter) Rewrite(req *http.Request) {
|
|
|
|
if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
|
|
|
|
if rw.TrustForwardHeader {
|
|
|
|
if prior, ok := req.Header[XForwardedFor]; ok {
|
|
|
|
clientIP = strings.Join(prior, ", ") + ", " + clientIP
|
|
|
|
}
|
|
|
|
}
|
|
|
|
req.Header.Set(XForwardedFor, clientIP)
|
|
|
|
}
|
|
|
|
|
|
|
|
if xfp := req.Header.Get(XForwardedProto); xfp != "" && rw.TrustForwardHeader {
|
|
|
|
req.Header.Set(XForwardedProto, xfp)
|
|
|
|
} else if req.TLS != nil {
|
|
|
|
req.Header.Set(XForwardedProto, "https")
|
|
|
|
} else {
|
|
|
|
req.Header.Set(XForwardedProto, "http")
|
|
|
|
}
|
|
|
|
|
2017-08-21 15:54:02 +00:00
|
|
|
if xfp := req.Header.Get(XForwardedPort); xfp != "" && rw.TrustForwardHeader {
|
|
|
|
req.Header.Set(XForwardedPort, xfp)
|
|
|
|
} else if req.URL.Port() != "" {
|
|
|
|
req.Header.Set(XForwardedPort, req.URL.Port())
|
|
|
|
}
|
|
|
|
|
2017-02-07 21:33:23 +00:00
|
|
|
if xfh := req.Header.Get(XForwardedHost); xfh != "" && rw.TrustForwardHeader {
|
|
|
|
req.Header.Set(XForwardedHost, xfh)
|
|
|
|
} else if req.Host != "" {
|
|
|
|
req.Header.Set(XForwardedHost, req.Host)
|
|
|
|
}
|
|
|
|
|
|
|
|
if rw.Hostname != "" {
|
|
|
|
req.Header.Set(XForwardedServer, rw.Hostname)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Remove hop-by-hop headers to the backend. Especially important is "Connection" because we want a persistent
|
|
|
|
// connection, regardless of what the client sent to us.
|
|
|
|
utils.RemoveHeaders(req.Header, HopHeaders...)
|
|
|
|
}
|