TUN-2850: Tunnel stripping Cloudflare headers

This commit is contained in:
Areg Harutyunyan 2020-03-30 22:51:48 +01:00
parent acea15161c
commit 0b2b6c8e12
1 changed files with 16 additions and 15 deletions

View File

@ -28,6 +28,10 @@ const (
// HTTP/1 equivalents. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3 // HTTP/1 equivalents. See https://tools.ietf.org/html/rfc7540#section-8.1.2.3
func H2RequestHeadersToH1Request(h2 []Header, h1 *http.Request) error { func H2RequestHeadersToH1Request(h2 []Header, h1 *http.Request) error {
for _, header := range h2 { for _, header := range h2 {
if !IsControlHeader(header.Name) {
continue
}
switch strings.ToLower(header.Name) { switch strings.ToLower(header.Name) {
case ":method": case ":method":
h1.Method = header.Value h1.Method = header.Value
@ -72,16 +76,8 @@ func H2RequestHeadersToH1Request(h2 []Header, h1 *http.Request) error {
return fmt.Errorf("unparseable content length") return fmt.Errorf("unparseable content length")
} }
h1.ContentLength = contentLength h1.ContentLength = contentLength
case "connection", "upgrade": case RequestUserHeadersField:
// for websocket header support // Do not forward the serialized headers to the origin -- deserialize them, and ditch the serialized version
h1.Header.Add(http.CanonicalHeaderKey(header.Name), header.Value)
default:
// Ignore any other header;
// User headers will be read from `RequestUserHeadersField`
continue
}
}
// Find and parse user headers serialized into a single one // Find and parse user headers serialized into a single one
userHeaders, err := ParseUserHeaders(RequestUserHeadersField, h2) userHeaders, err := ParseUserHeaders(RequestUserHeadersField, h2)
if err != nil { if err != nil {
@ -90,6 +86,11 @@ func H2RequestHeadersToH1Request(h2 []Header, h1 *http.Request) error {
for _, userHeader := range userHeaders { for _, userHeader := range userHeaders {
h1.Header.Add(http.CanonicalHeaderKey(userHeader.Name), userHeader.Value) h1.Header.Add(http.CanonicalHeaderKey(userHeader.Name), userHeader.Value)
} }
default:
// All other control headers shall just be proxied transparently
h1.Header.Add(http.CanonicalHeaderKey(header.Name), header.Value)
}
}
return nil return nil
} }