enables add-x-forwarded by default, added hide-x-forwarded

2026-04-24 01:08:31 +02:00 · 2024-09-30 16:16:56 +08:00
parent 9065d990e5
commit ebedbc931f
4 changed files with 179 additions and 72 deletions
--- a/internal/net/http/middleware/middlewares.go
+++ b/internal/net/http/middleware/middlewares.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"strings"

+	"github.com/sirupsen/logrus"
 	D "github.com/yusing/go-proxy/internal/docker"
 )

@@ -18,7 +19,7 @@ func Get(name string) (middleware *Middleware, ok bool) {
 func init() {
 	middlewares = map[string]*Middleware{
 		"set_x_forwarded":    SetXForwarded,
-		"add_x_forwarded":    AddXForwarded,
+		"hide_x_forwarded":   HideXForwarded,
 		"redirect_http":      RedirectHTTP,
 		"forward_auth":       ForwardAuth.m,
 		"modify_response":    ModifyResponse.m,
@@ -44,4 +45,28 @@ func init() {
 			m.name = names[0]
 		}
 	}
+	// TODO: seperate from init()
+	// b := E.NewBuilder("failed to load middlewares")
+	// middlewareDefs, err := U.ListFiles(common.MiddlewareDefsBasePath, 0)
+	// if err != nil {
+	// 	logrus.Errorf("failed to list middleware definitions: %s", err)
+	// 	return
+	// }
+	// for _, defFile := range middlewareDefs {
+	// 	mws, err := BuildMiddlewaresFromYAML(defFile)
+	// 	for name, m := range mws {
+	// 		if _, ok := middlewares[name]; ok {
+	// 			b.Add(E.Duplicated("middleware", name))
+	// 			continue
+	// 		}
+	// 		middlewares[name] = m
+	// 		logger.Infof("middleware %s loaded from %s", name, path.Base(defFile))
+	// 	}
+	// 	b.Add(err.Subject(defFile))
+	// }
+	// if b.HasError() {
+	// 	logger.Error(b.Build())
+	// }
 }
+
+var logger = logrus.WithField("module", "middlewares")
--- a/internal/net/http/middleware/x_forwarded.go
+++ b/internal/net/http/middleware/x_forwarded.go
@@ -2,34 +2,16 @@ package middleware

 import (
 	"net"
-	"strings"
 )

-var AddXForwarded = &Middleware{
-	rewrite: func(req *Request) {
-		clientIP, _, err := net.SplitHostPort(req.RemoteAddr)
-		if err == nil {
-			req.Header.Set("X-Forwarded-For", clientIP)
-		} else {
-			req.Header.Del("X-Forwarded-For")
-		}
-		req.Header.Set("X-Forwarded-Host", req.Host)
-		if req.TLS == nil {
-			req.Header.Set("X-Forwarded-Proto", "http")
-		} else {
-			req.Header.Set("X-Forwarded-Proto", "https")
-		}
-	},
-}
-
 var SetXForwarded = &Middleware{
 	rewrite: func(req *Request) {
+		req.Header.Del("Forwarded")
+		req.Header.Del("X-Forwarded-For")
+		req.Header.Del("X-Forwarded-Host")
+		req.Header.Del("X-Forwarded-Proto")
 		clientIP, _, err := net.SplitHostPort(req.RemoteAddr)
 		if err == nil {
-			prior := req.Header["X-Forwarded-For"]
-			if len(prior) > 0 {
-				clientIP = strings.Join(prior, ", ") + ", " + clientIP
-			}
 			req.Header.Set("X-Forwarded-For", clientIP)
 		} else {
 			req.Header.Del("X-Forwarded-For")
@@ -42,3 +24,12 @@ var SetXForwarded = &Middleware{
 		}
 	},
 }
+
+var HideXForwarded = &Middleware{
+	rewrite: func(req *Request) {
+		req.Header.Del("Forwarded")
+		req.Header.Del("X-Forwarded-For")
+		req.Header.Del("X-Forwarded-Host")
+		req.Header.Del("X-Forwarded-Proto")
+	},
+}