1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
14 "git.curoverse.com/arvados.git/sdk/go/arvados"
15 "git.curoverse.com/arvados.git/sdk/go/httpserver"
18 // headers that shouldn't be forwarded when proxying. See
19 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
20 var dropHeaders = map[string]bool{
23 "Proxy-Authenticate": true,
24 "Proxy-Authorization": true,
27 "Transfer-Encoding": true,
31 func (h *Handler) proxy(w http.ResponseWriter, reqIn *http.Request, urlOut *url.URL) {
32 // Copy headers from incoming request, then add/replace proxy
33 // headers like Via and X-Forwarded-For.
34 hdrOut := http.Header{}
35 for k, v := range reqIn.Header {
40 xff := reqIn.RemoteAddr
41 if xffIn := reqIn.Header.Get("X-Forwarded-For"); xffIn != "" {
42 xff = xffIn + "," + xff
44 hdrOut.Set("X-Forwarded-For", xff)
45 hdrOut.Add("Via", reqIn.Proto+" arvados-controller")
47 ctx := reqIn.Context()
48 if timeout := h.Cluster.HTTPRequestTimeout; timeout > 0 {
49 var cancel context.CancelFunc
50 ctx, cancel = context.WithDeadline(ctx, time.Now().Add(time.Duration(timeout)))
54 reqOut := (&http.Request{
60 resp, err := arvados.InsecureHTTPClient.Do(reqOut)
62 httpserver.Error(w, err.Error(), http.StatusInternalServerError)
65 for k, v := range resp.Header {
70 w.WriteHeader(resp.StatusCode)
71 n, err := io.Copy(w, resp.Body)
73 httpserver.Logger(reqIn).WithError(err).WithField("bytesCopied", n).Error("error copying response body")