Fix ipv6 handling in redirect middleware
This commit is contained in:
Romain
GitHub
parent
9f32292473
commit
e5e46bf4ed
11 changed files with 49 additions and 11 deletions
2
integration/testdata/rawdata-consul.json
vendored
2
integration/testdata/rawdata-consul.json
vendored
|
|
@ -86,7 +86,7 @@
|
|||
},
|
||||
"dashboard_redirect@internal": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
},
|
||||
|
|
|
|||
2
integration/testdata/rawdata-etcd.json
vendored
2
integration/testdata/rawdata-etcd.json
vendored
|
|
@ -86,7 +86,7 @@
|
|||
},
|
||||
"dashboard_redirect@internal": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
},
|
||||
|
|
|
|||
2
integration/testdata/rawdata-ingress.json
vendored
2
integration/testdata/rawdata-ingress.json
vendored
|
|
@ -54,7 +54,7 @@
|
|||
"middlewares": {
|
||||
"dashboard_redirect@internal": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
},
|
||||
|
|
|
|||
2
integration/testdata/rawdata-redis.json
vendored
2
integration/testdata/rawdata-redis.json
vendored
|
|
@ -86,7 +86,7 @@
|
|||
},
|
||||
"dashboard_redirect@internal": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
},
|
||||
|
|
|
|||
2
integration/testdata/rawdata-zk.json
vendored
2
integration/testdata/rawdata-zk.json
vendored
|
|
@ -86,7 +86,7 @@
|
|||
},
|
||||
"dashboard_redirect@internal": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
},
|
||||
|
|
|
|||
|
|
@ -115,7 +115,7 @@ func rawURL(req *http.Request) string {
|
|||
port := ""
|
||||
uri := req.RequestURI
|
||||
|
||||
schemeRegex := `^(https?):\/\/([\w\._-]+)(:\d+)?(.*)$`
|
||||
schemeRegex := `^(https?):\/\/(\[[\w:.]+\]|[\w\._-]+)?(:\d+)?(.*)$`
|
||||
re, _ := regexp.Compile(schemeRegex)
|
||||
if re.Match([]byte(req.RequestURI)) {
|
||||
match := re.FindStringSubmatch(req.RequestURI)
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ import (
|
|||
|
||||
const (
|
||||
typeSchemeName = "RedirectScheme"
|
||||
schemeRedirectRegex = `^(https?:\/\/)?([\w\._-]+)(:\d+)?(.*)$`
|
||||
schemeRedirectRegex = `^(https?:\/\/)?(\[[\w:.]+\]|[\w\._-]+)?(:\d+)?(.*)$`
|
||||
)
|
||||
|
||||
// NewRedirectScheme creates a new RedirectScheme middleware.
|
||||
|
|
|
|||
|
|
@ -186,6 +186,44 @@ func TestRedirectSchemeHandler(t *testing.T) {
|
|||
expectedURL: "https://foo",
|
||||
expectedStatus: http.StatusFound,
|
||||
},
|
||||
{
|
||||
desc: "IPV6 HTTP to HTTPS redirection without port",
|
||||
config: dynamic.RedirectScheme{
|
||||
Scheme: "https",
|
||||
},
|
||||
url: "http://[::1]",
|
||||
expectedURL: "https://[::1]",
|
||||
expectedStatus: http.StatusFound,
|
||||
},
|
||||
{
|
||||
desc: "IPV6 HTTP to HTTPS redirection with port",
|
||||
config: dynamic.RedirectScheme{
|
||||
Scheme: "https",
|
||||
Port: "8443",
|
||||
},
|
||||
url: "http://[::1]",
|
||||
expectedURL: "https://[::1]:8443",
|
||||
expectedStatus: http.StatusFound,
|
||||
},
|
||||
{
|
||||
desc: "IPV6 HTTP with port 80 to HTTPS redirection without port",
|
||||
config: dynamic.RedirectScheme{
|
||||
Scheme: "https",
|
||||
},
|
||||
url: "http://[::1]:80",
|
||||
expectedURL: "https://[::1]",
|
||||
expectedStatus: http.StatusFound,
|
||||
},
|
||||
{
|
||||
desc: "IPV6 HTTP with port 80 to HTTPS redirection with port",
|
||||
config: dynamic.RedirectScheme{
|
||||
Scheme: "https",
|
||||
Port: "8443",
|
||||
},
|
||||
url: "http://[::1]:80",
|
||||
expectedURL: "https://[::1]:8443",
|
||||
expectedStatus: http.StatusFound,
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range testCases {
|
||||
|
|
@ -235,7 +273,7 @@ func TestRedirectSchemeHandler(t *testing.T) {
|
|||
require.Errorf(t, err, "Location %v", location)
|
||||
}
|
||||
|
||||
schemeRegex := `^(https?):\/\/([\w\._-]+)(:\d+)?(.*)$`
|
||||
schemeRegex := `^(https?):\/\/(\[[\w:.]+\]|[\w\._-]+)?(:\d+)?(.*)$`
|
||||
re, _ := regexp.Compile(schemeRegex)
|
||||
|
||||
if re.Match([]byte(test.url)) {
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@
|
|||
"middlewares": {
|
||||
"dashboard_redirect": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@
|
|||
"middlewares": {
|
||||
"dashboard_redirect": {
|
||||
"redirectRegex": {
|
||||
"regex": "^(http:\\/\\/[^:\\/]+(:\\d+)?)\\/$",
|
||||
"regex": "^(http:\\/\\/(\\[[\\w:.]+\\]|[\\w\\._-]+)(:\\d+)?)\\/$",
|
||||
"replacement": "${1}/dashboard/",
|
||||
"permanent": true
|
||||
}
|
||||
|
|
|
|||
|
|
@ -197,7 +197,7 @@ func (i *Provider) apiConfiguration(cfg *dynamic.Configuration) {
|
|||
|
||||
cfg.HTTP.Middlewares["dashboard_redirect"] = &dynamic.Middleware{
|
||||
RedirectRegex: &dynamic.RedirectRegex{
|
||||
Regex: `^(http:\/\/[^:\/]+(:\d+)?)\/$`,
|
||||
Regex: `^(http:\/\/(\[[\w:.]+\]|[\w\._-]+)(:\d+)?)\/$`,
|
||||
Replacement: "${1}/dashboard/",
|
||||
Permanent: true,
|
||||
},
|
||||
|
|
|
|||
Loading…
Reference in a new issue