From 7625863638db1c3f29a1882bd70ee68ba052ba13 Mon Sep 17 00:00:00 2001 From: andrew Date: Tue, 27 Jun 2023 04:42:28 -0400 Subject: [PATCH] fix: erroneous error message for host validation when crafting an ingress YAML file by hand its easy to write the following by mistake: ```yaml ingress: - hostname: https://example.com service: http://localhost:50100 - service: http_status:404 ``` `cloudflared` would report the error: `Hostname cannot contain a port` this confused me for a few minutes before i compared two configs and saw my mistake. this change introduces a check prior to port splitting to see if the hostname contains a protocol and reports a relevant error --- ingress/ingress.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ingress/ingress.go b/ingress/ingress.go index e2498842..5ab57cfc 100644 --- a/ingress/ingress.go +++ b/ingress/ingress.go @@ -24,6 +24,7 @@ var ( errLastRuleNotCatchAll = errors.New("The last ingress rule must match all URLs (i.e. it should not have a hostname or path filter)") errBadWildcard = errors.New("Hostname patterns can have at most one wildcard character (\"*\") and it can only be used for subdomains, e.g. \"*.example.com\"") errHostnameContainsPort = errors.New("Hostname cannot contain a port") + errHostnameContainsScheme = errors.New("Hostname cannot contain a scheme (e.g. http://, https://, etc.)") ErrURLIncompatibleWithIngress = errors.New("You can't set the --url flag (or $TUNNEL_URL) when using multiple-origin ingress rules") ) @@ -359,6 +360,10 @@ func validateIngress(ingress []config.UnvalidatedIngressRule, defaults OriginReq } func validateHostname(r config.UnvalidatedIngressRule, ruleIndex, totalRules int) error { + // Ensure the hostname doesn't contain a scheme so a less confusing error is returned. + if u, e := url.Parse(r.Hostname); e == nil && isHTTPService(u) { + return errHostnameContainsScheme + } // Ensure that the hostname doesn't contain port _, _, err := net.SplitHostPort(r.Hostname) if err == nil {