starred/godoxy-yusing
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-03-18 07:13:50 +01:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

refactor: improve HTTPS detection logic by using case-insensitive comparison for X-Forwarded-Proto header

Browse Source
This commit is contained in:
yusing
2025-11-07 15:49:51 +08:00
parent e9ac3cd1a9
commit d81521f293
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/auth/oidc.go
View File

@@ -10,6 +10,7 @@ import (
"net/http"
"net/url"
"slices"
"strings"
"time"
"github.com/coreos/go-oidc/v3/oidc"
@@ -199,7 +200,7 @@ func (auth *OIDCProvider) HandleAuth(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "" {
r.URL.Path = OIDCAuthInitPath
}
if r.TLS == nil && r.Header.Get("X-Forwarded-Proto") != "https" {
if r.TLS == nil && strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https") {
r.URL.Scheme = "https"
http.Redirect(w, r, r.URL.String(), http.StatusFound)
return

3
internal/net/gphttp/middleware/forwardauth.go
View File

@@ -5,6 +5,7 @@ import (
"errors"
"net"
"net/http"
"strings"
"time"
"github.com/yusing/godoxy/internal/route/routes"
@@ -71,7 +72,7 @@ func (m *forwardAuthMiddleware) before(w http.ResponseWriter, r *http.Request) (
}
proto := "http"
if r.TLS != nil || r.Header.Get("X-Forwarded-Proto") == "https" {
if r.TLS != nil || strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https") {
proto = "https"
}

2
internal/net/gphttp/middleware/redirect_http.go
View File

@@ -19,7 +19,7 @@ var RedirectHTTP = NewMiddleware[redirectHTTP]()
// before implements RequestModifier.
func (m *redirectHTTP) before(w http.ResponseWriter, r *http.Request) (proceed bool) {
if r.TLS != nil || r.Header.Get("X-Forwarded-Proto") == "https" {
if r.TLS != nil || strings.EqualFold(r.Header.Get("X-Forwarded-Proto"), "https") {
return true
}