nghttpx: Add x-forwarded-proto header field to downstream HTTP/2 request
This commit is contained in:
parent
d0fbbe6932
commit
ba5d9d3352
|
@ -246,15 +246,16 @@ int Http2DownstreamConnection::push_request_headers()
|
|||
downstream_->concat_norm_request_headers();
|
||||
auto end_headers = std::end(downstream_->get_request_headers());
|
||||
|
||||
// 6 means:
|
||||
// 7 means:
|
||||
// 1. :method
|
||||
// 2. :scheme
|
||||
// 3. :path
|
||||
// 4. :authority (optional)
|
||||
// 5. via (optional)
|
||||
// 6. x-forwarded-for (optional)
|
||||
// 7. x-forwarded-proto (optional)
|
||||
auto nva = std::vector<nghttp2_nv>();
|
||||
nva.reserve(nheader + 6);
|
||||
nva.reserve(nheader + 7);
|
||||
std::string via_value;
|
||||
std::string xff_value;
|
||||
std::string scheme, authority, path, query;
|
||||
|
@ -308,9 +309,11 @@ int Http2DownstreamConnection::push_request_headers()
|
|||
}
|
||||
}
|
||||
if(scheme.empty()) {
|
||||
// The default scheme is http. For HTTP2 upstream, the path must
|
||||
// be absolute URI, so scheme should be provided.
|
||||
if(client_handler_->get_ssl()) {
|
||||
nva.push_back(http2::make_nv_ll(":scheme", "https"));
|
||||
} else {
|
||||
nva.push_back(http2::make_nv_ll(":scheme", "http"));
|
||||
}
|
||||
} else {
|
||||
nva.push_back(http2::make_nv_ls(":scheme", scheme));
|
||||
}
|
||||
|
@ -370,6 +373,19 @@ int Http2DownstreamConnection::push_request_headers()
|
|||
nva.push_back(http2::make_nv_ls("x-forwarded-for", (*xff).second));
|
||||
}
|
||||
|
||||
if(downstream_->get_request_method() != "CONNECT") {
|
||||
// We use same protocol with :scheme header field
|
||||
if(scheme.empty()) {
|
||||
if(client_handler_->get_ssl()) {
|
||||
nva.push_back(http2::make_nv_ll("x-forwarded-proto", "https"));
|
||||
} else {
|
||||
nva.push_back(http2::make_nv_ll("x-forwarded-proto", "http"));
|
||||
}
|
||||
} else {
|
||||
nva.push_back(http2::make_nv_ls("x-forwarded-proto", scheme.c_str()));
|
||||
}
|
||||
}
|
||||
|
||||
auto via = downstream_->get_norm_request_header("via");
|
||||
if(get_config()->no_via) {
|
||||
if(via != end_headers) {
|
||||
|
|
|
@ -175,7 +175,7 @@ int HttpDownstreamConnection::push_request_headers()
|
|||
http2::sanitize_header_value(hdrs, hdrs.size() - (*xff).second.size());
|
||||
hdrs += ", ";
|
||||
}
|
||||
hdrs += downstream_->get_upstream()->get_client_handler()->get_ipaddr();
|
||||
hdrs += client_handler_->get_ipaddr();
|
||||
hdrs += "\r\n";
|
||||
} else if(xff != end_headers) {
|
||||
hdrs += "X-Forwarded-For: ";
|
||||
|
@ -188,7 +188,7 @@ int HttpDownstreamConnection::push_request_headers()
|
|||
if(!downstream_->get_request_http2_scheme().empty()) {
|
||||
hdrs += downstream_->get_request_http2_scheme();
|
||||
hdrs += "\r\n";
|
||||
} else if(util::istartsWith(downstream_->get_request_path(), "https:")) {
|
||||
} else if(client_handler_->get_ssl()) {
|
||||
hdrs += "https\r\n";
|
||||
} else {
|
||||
hdrs += "http\r\n";
|
||||
|
|
Loading…
Reference in New Issue