Skip to content

Commit

Permalink
Add log on suspicious X-Forwarded-Proto and Port
Browse files Browse the repository at this point in the history 
Signed-off-by: Eloi DEMOLIS <eloi.demolis@clever-cloud.com>
  • Loading branch information
@Wonshtrum
Wonshtrum committed Oct 27, 2023
1 parent 71cf51d commit 8854576
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions lib/src/protocol/kawa_h1/editor.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,9 +142,28 @@ impl HttpContext {
} else if compare_no_case(key, b"X-Forwarded-Proto") {
has_x_proto = true;
// header.val = kawa::Store::Static(proto.as_bytes());
incr!("http.trusting.x_proto");
let val = header.val.data(buf);
if !compare_no_case(val, proto.as_bytes()) {
incr!("http.trusting.x_proto.diff");
debug!(
"Trusting X-Forwarded-Proto for {:?} even though {:?} != {}",
self.authority, val, proto
);
}
} else if compare_no_case(key, b"X-Forwarded-Port") {
has_x_port = true;
// header.val = kawa::Store::from_string(public_port.to_string());
incr!("http.trusting.x_port");
let val = header.val.data(buf);
let expected = public_port.to_string();
if !compare_no_case(val, expected.as_bytes()) {
incr!("http.trusting.x_port.diff");
debug!(
"Trusting X-Forwarded-Port for {:?} even though {:?} != {}",
self.authority, val, expected
);
}
} else if compare_no_case(key, b"X-Forwarded-For") {
x_for = Some(header);
} else if compare_no_case(key, b"Forwarded") {
Expand Down

0 comments on commit 8854576

Please sign in to comment.