Skip to content

Commit 606fe5a

Browse files
bartjkdpbartjkdp
authored
Merge pull request #41 from delta10/feat/add-forwarded-for-headers
Add X-Forwarded-* headers
2 parents a361adb + 83b57ec commit 606fe5a

1 file changed

Lines changed: 33 additions & 5 deletions

File tree

cmd/filter-proxy/main.go

Lines changed: 33 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,7 @@ func main() {
7272
}
7373

7474
utils.DelHopHeaders(r.Header)
75+
addForwardedForHeaders(r, r)
7576

7677
client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
7778
return http.ErrUseLastResponse
@@ -182,8 +183,6 @@ func main() {
182183
return
183184
}
184185

185-
log.Printf("%+v", backendRequest)
186-
187186
backendRequest.Header.Set("Content-Type", "application/json")
188187
} else {
189188
backendRequest, err = http.NewRequest(r.Method, fullBackendURL.String(), nil)
@@ -233,6 +232,8 @@ func main() {
233232
backendRequest.Header.Set(headerKey, parsedHeaderValue)
234233
}
235234

235+
addForwardedForHeaders(backendRequest, r)
236+
236237
client := &http.Client{
237238
Timeout: 25 * time.Second,
238239
Transport: transport,
@@ -312,12 +313,13 @@ func main() {
312313

313314
s := &http.Server{
314315
Addr: config.ListenAddress,
315-
Handler: httpHandler,
316+
Handler: requestLoggingMiddleware(httpHandler),
316317
ReadTimeout: 10 * time.Second,
317318
WriteTimeout: 10 * time.Second,
318319
MaxHeaderBytes: 1 << 20,
319320
}
320321

322+
log.Printf("listening on %v", config.ListenAddress)
321323
if config.ListenTLS.Certificate != "" && config.ListenTLS.Key != "" {
322324
log.Fatal(s.ListenAndServeTLS(config.ListenTLS.Certificate, config.ListenTLS.Key))
323325
} else {
@@ -391,7 +393,7 @@ func authorizeRequestWithService(config *config.Config, backend config.Backend,
391393

392394
authorizationBody["params"] = params
393395
} else if backend.Type != "" {
394-
log.Printf("unsupported backend type configured: %s")
396+
log.Printf("unsupported backend type configured: %s", backend.Type)
395397
return http.StatusInternalServerError, nil
396398
}
397399

@@ -415,7 +417,7 @@ func authorizeRequestWithService(config *config.Config, backend config.Backend,
415417
request.Header.Set("Authorization", r.Header.Get("Authorization"))
416418
}
417419

418-
request.Header.Set("X-Forwarded-For", utils.ReadUserIP(r))
420+
addForwardedForHeaders(request, r)
419421

420422
client := &http.Client{
421423
Timeout: 25 * time.Second,
@@ -461,3 +463,29 @@ func writeError(w http.ResponseWriter, statusCode int, message string) {
461463
w.Header().Set("Content-Type", "application/json")
462464
w.Write(jsonResp)
463465
}
466+
467+
func addForwardedForHeaders(backendRequest *http.Request, originalRequest *http.Request) {
468+
backendRequest.Header.Set("X-Forwarded-Host", originalRequest.Host)
469+
backendRequest.Header.Set("X-Forwarded-For", utils.ReadUserIP(originalRequest))
470+
471+
if originalRequest.TLS == nil {
472+
backendRequest.Header.Set("X-Forwarded-Proto", "http")
473+
} else {
474+
backendRequest.Header.Set("X-Forwarded-Proto", "https")
475+
}
476+
}
477+
478+
func requestLoggingMiddleware(next http.Handler) http.Handler {
479+
fn := func(w http.ResponseWriter, r *http.Request) {
480+
log.Printf(
481+
"%s %s %s",
482+
r.Method,
483+
r.URL.Path,
484+
r.Header.Get("User-Agent"),
485+
)
486+
487+
next.ServeHTTP(w, r)
488+
}
489+
490+
return http.HandlerFunc(fn)
491+
}

0 commit comments

Comments
 (0)