Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle multivalue X-Forwarded-Proto header #5242

Merged
merged 1 commit into from
Jan 7, 2020
Merged

Handle multivalue X-Forwarded-Proto header #5242

merged 1 commit into from
Jan 7, 2020

Conversation

ahmelsayed
Copy link
Contributor

Closes #5198

@ahmelsayed ahmelsayed mentioned this pull request Nov 13, 2019
Closed
brettsam
brettsam previously approved these changes Nov 13, 2019
View reviewed changes
@ahmelsayed
Copy link
Contributor Author

@brettsam I pushed another change to only register this middleware in linux consumption. It shouldn't be in the CLI or the runtime generically like it was.

NickDarvey
NickDarvey reviewed Nov 14, 2019
View reviewed changes
src/WebJobs.Script.WebHost/Middleware/AppServiceHeaderFixupMiddleware.cs Outdated
@@ -29,7 +29,7 @@ public async Task Invoke(HttpContext httpContext)

if (httpContext.Request.Headers.TryGetValue(ForwardedProtocolHeader, out value))
{
httpContext.Request.Scheme = value;
httpContext.Request.Scheme = value.FirstOrDefault();
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this be .First() so that if there's an empty value it blows up here rather than causing a NullReferenceException further down the pipeline? (Unless a null for request. Scheme is valid?)

Unless you want to treat empty header values as valid (which seems to be quite the discussion) in which case should it fallback to not overwriting the scheme if there's no value?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. I don't think a null scheme, but I think it makes sense to not overwrite it if the header happens to be empty for any reason. Thanks @NickDarvey

fabiocav
fabiocav previously approved these changes Dec 31, 2019
View reviewed changes
Copy link
Member

@fabiocav fabiocav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A nit and a small question.

src/WebJobs.Script.WebHost/Middleware/AppServiceHeaderFixupMiddleware.cs Outdated
@@ -29,7 +29,11 @@ public async Task Invoke(HttpContext httpContext)

if (httpContext.Request.Headers.TryGetValue(ForwardedProtocolHeader, out value))
{
httpContext.Request.Scheme = value.FirstOrDefault();
var scheme = value.FirstOrDefault();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: var -> string

src/WebJobs.Script.WebHost/Middleware/AppServiceHeaderFixupMiddleware.cs Outdated
@@ -29,7 +29,11 @@ public async Task Invoke(HttpContext httpContext)

if (httpContext.Request.Headers.TryGetValue(ForwardedProtocolHeader, out value))
{
httpContext.Request.Scheme = value.FirstOrDefault();
var scheme = value.FirstOrDefault();
if (scheme != null)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could we end up with an empty string here as well?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

as NickDarvey mentioned, an empty header value is a malformed header. TryGetValue returns false if the header is passed as empty from the client, so I was assuming aspnet will do validation on these things before passing the request to the application. !string.IsNullOrEmpty() won't hurt though, even if technically not valid per https://tools.ietf.org/html/rfc7230#section-3.2

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense, just wanted to make sure it's something we had validated/thought about.

fabiocav
fabiocav previously approved these changes Jan 6, 2020
View reviewed changes
@ahmelsayed ahmelsayed merged commit 28ba9d9 into dev Jan 7, 2020
@ahmelsayed ahmelsayed deleted the ahmels/x-f-proto branch January 7, 2020 04:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@NickDarvey NickDarvey NickDarvey left review comments

@fabiocav fabiocav fabiocav left review comments

@brettsam brettsam brettsam left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

X-Forwarded-Proto overwrites the scheme of HTTP triggers
4 participants
@ahmelsayed @brettsam @fabiocav @NickDarvey