X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/703179225b04309485c0a1cefb794df6c919e84f..c4baa0a1c57c5b9aa5d08a5d3d1f50eca842d3f7:/lib/controller/proxy.go

diff --git a/lib/controller/proxy.go b/lib/controller/proxy.go
index c89b9b36ae..26d1859ec8 100644
--- a/lib/controller/proxy.go
+++ b/lib/controller/proxy.go
@@ -5,18 +5,15 @@
 package controller
 
 import (
-	"context"
 	"io"
 	"net/http"
 	"net/url"
-	"time"
 
-	"git.curoverse.com/arvados.git/sdk/go/httpserver"
+	"git.arvados.org/arvados.git/sdk/go/httpserver"
 )
 
 type proxy struct {
-	Name           string // to use in Via header
-	RequestTimeout time.Duration
+	Name string // to use in Via header
 }
 
 type HTTPError struct {
@@ -28,19 +25,31 @@ func (h HTTPError) Error() string {
 	return h.Message
 }
 
-// headers that shouldn't be forwarded when proxying. See
-// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
 var dropHeaders = map[string]bool{
+	// Headers that shouldn't be forwarded when proxying. See
+	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
 	"Connection":          true,
 	"Keep-Alive":          true,
 	"Proxy-Authenticate":  true,
 	"Proxy-Authorization": true,
-	"TE":                true,
-	"Trailer":           true,
-	"Transfer-Encoding": true, // *-Encoding headers interfer with Go's automatic compression/decompression
-	"Content-Encoding":  true,
+	// (comment/space here makes gofmt1.10 agree with gofmt1.11)
+	"TE":      true,
+	"Trailer": true,
+	"Upgrade": true,
+
+	// Headers that would interfere with Go's automatic
+	// compression/decompression if we forwarded them.
 	"Accept-Encoding":   true,
-	"Upgrade":           true,
+	"Content-Encoding":  true,
+	"Transfer-Encoding": true,
+
+	// Content-Length depends on encoding.
+	"Content-Length": true,
+
+	// Defend against Rails vulnerability CVE-2023-22795 -
+	// we don't use this functionality anyway, so it costs us nothing.
+	// <https://discuss.rubyonrails.org/t/cve-2023-22795-possible-redos-based-dos-vulnerability-in-action-dispatch/82118>
+	"If-None-Match": true,
 }
 
 type ResponseFilter func(*http.Response, error) (*http.Response, error)
@@ -49,7 +58,7 @@ type ResponseFilter func(*http.Response, error) (*http.Response, error)
 func (p *proxy) Do(
 	reqIn *http.Request,
 	urlOut *url.URL,
-	client *http.Client) (*http.Response, context.CancelFunc, error) {
+	client *http.Client) (*http.Response, error) {
 
 	// Copy headers from incoming request, then add/replace proxy
 	// headers like Via and X-Forwarded-For.
@@ -59,32 +68,27 @@ func (p *proxy) Do(
 			hdrOut[k] = v
 		}
 	}
-	xff := reqIn.RemoteAddr
-	if xffIn := reqIn.Header.Get("X-Forwarded-For"); xffIn != "" {
-		xff = xffIn + "," + xff
+	xff := ""
+	for _, xffIn := range reqIn.Header["X-Forwarded-For"] {
+		if xffIn != "" {
+			xff += xffIn + ","
+		}
 	}
+	xff += reqIn.RemoteAddr
 	hdrOut.Set("X-Forwarded-For", xff)
 	if hdrOut.Get("X-Forwarded-Proto") == "" {
 		hdrOut.Set("X-Forwarded-Proto", reqIn.URL.Scheme)
 	}
 	hdrOut.Add("Via", reqIn.Proto+" arvados-controller")
 
-	ctx := reqIn.Context()
-	var cancel context.CancelFunc
-	if p.RequestTimeout > 0 {
-		ctx, cancel = context.WithDeadline(ctx, time.Now().Add(time.Duration(p.RequestTimeout)))
-	}
-
 	reqOut := (&http.Request{
 		Method: reqIn.Method,
 		URL:    urlOut,
 		Host:   reqIn.Host,
 		Header: hdrOut,
 		Body:   reqIn.Body,
-	}).WithContext(ctx)
-
-	resp, err := client.Do(reqOut)
-	return resp, cancel, err
+	}).WithContext(reqIn.Context())
+	return client.Do(reqOut)
 }
 
 // Copy a response (or error) to the downstream client