fix: clean X-Forwarded-Prefix header for the dashboard.
This commit is contained in:
Ludovic Fernandez
GitHub
parent
a6c6127e33
commit
e63db782c1
2 changed files with 75 additions and 2 deletions
|
|
@ -2,6 +2,7 @@ package api
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
|
|
||||||
"github.com/containous/traefik/v2/pkg/log"
|
"github.com/containous/traefik/v2/pkg/log"
|
||||||
assetfs "github.com/elazarl/go-bindata-assetfs"
|
assetfs "github.com/elazarl/go-bindata-assetfs"
|
||||||
|
|
@ -23,11 +24,29 @@ func (g DashboardHandler) Append(router *mux.Router) {
|
||||||
// Expose dashboard
|
// Expose dashboard
|
||||||
router.Methods(http.MethodGet).
|
router.Methods(http.MethodGet).
|
||||||
Path("/").
|
Path("/").
|
||||||
HandlerFunc(func(response http.ResponseWriter, request *http.Request) {
|
HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
|
||||||
http.Redirect(response, request, request.Header.Get("X-Forwarded-Prefix")+"/dashboard/", http.StatusFound)
|
http.Redirect(resp, req, safePrefix(req)+"/dashboard/", http.StatusFound)
|
||||||
})
|
})
|
||||||
|
|
||||||
router.Methods(http.MethodGet).
|
router.Methods(http.MethodGet).
|
||||||
PathPrefix("/dashboard/").
|
PathPrefix("/dashboard/").
|
||||||
Handler(http.StripPrefix("/dashboard/", http.FileServer(g.Assets)))
|
Handler(http.StripPrefix("/dashboard/", http.FileServer(g.Assets)))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func safePrefix(req *http.Request) string {
|
||||||
|
prefix := req.Header.Get("X-Forwarded-Prefix")
|
||||||
|
if prefix == "" {
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
parse, err := url.Parse(prefix)
|
||||||
|
if err != nil {
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
if parse.Host != "" {
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
return parse.Path
|
||||||
|
}
|
||||||
|
|
|
||||||
54
pkg/api/dashboard_test.go
Normal file
54
pkg/api/dashboard_test.go
Normal file
|
|
@ -0,0 +1,54 @@
|
||||||
|
package api
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_safePrefix(t *testing.T) {
|
||||||
|
testCases := []struct {
|
||||||
|
desc string
|
||||||
|
value string
|
||||||
|
expected string
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
desc: "host",
|
||||||
|
value: "https://example.com",
|
||||||
|
expected: "",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "host with path",
|
||||||
|
value: "https://example.com/foo/bar?test",
|
||||||
|
expected: "",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "path",
|
||||||
|
value: "/foo/bar",
|
||||||
|
expected: "/foo/bar",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "path without leading slash",
|
||||||
|
value: "foo/bar",
|
||||||
|
expected: "foo/bar",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
|
||||||
|
for _, test := range testCases {
|
||||||
|
test := test
|
||||||
|
t.Run(test.desc, func(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
req, err := http.NewRequest(http.MethodGet, "http://localhost", nil)
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
req.Header.Set("X-Forwarded-Prefix", test.value)
|
||||||
|
|
||||||
|
prefix := safePrefix(req)
|
||||||
|
|
||||||
|
assert.Equal(t, test.expected, prefix)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in a new issue