13497: Don't propagate connection-oriented headers when proxying.

author Tom Clegg <tclegg@veritasgenetics.com>

Wed, 13 Jun 2018 19:51:07 +0000 (15:51 -0400)

committer Tom Clegg <tclegg@veritasgenetics.com>

Thu, 14 Jun 2018 17:35:40 +0000 (13:35 -0400)
author Tom Clegg <tclegg@veritasgenetics.com>
Wed, 13 Jun 2018 19:51:07 +0000 (15:51 -0400)
committer Tom Clegg <tclegg@veritasgenetics.com>
Thu, 14 Jun 2018 17:35:40 +0000 (13:35 -0400)
diff --git a/lib/controller/handler.go b/lib/controller/handler.go

index 013d293f2ac290dcbb37320c7bb8508081063356..ad765bafa5a0c556e96337a730eda7bfe768e6d3 100644 (file)
--- a/lib/controller/handler.go
+++ b/lib/controller/handler.go
@@ -43,6 +43,19 @@ func (h *Handler) setup() {
         h.handlerStack = mux
  }
  
+// headers that shouldn't be forwarded when proxying. See
+// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
+var dropHeaders = map[string]bool{
+       "Connection":          true,
+       "Keep-Alive":          true,
+       "Proxy-Authenticate":  true,
+       "Proxy-Authorization": true,
+       "TE":                true,
+       "Trailer":           true,
+       "Transfer-Encoding": true,
+       "Upgrade":           true,
+}
+
  func (h *Handler) proxyRailsAPI(w http.ResponseWriter, reqIn *http.Request) {
         urlOut, err := findRailsAPI(h.Cluster, h.Node)
         if err != nil {
@@ -61,7 +74,9 @@ func (h *Handler) proxyRailsAPI(w http.ResponseWriter, reqIn *http.Request) {
         // headers like Via and X-Forwarded-For.
         hdrOut := http.Header{}
         for k, v := range reqIn.Header {
-               hdrOut[k] = v
+               if !dropHeaders[k] {
+                       hdrOut[k] = v
+               }
         }
         xff := reqIn.RemoteAddr
         if xffIn := reqIn.Header.Get("X-Forwarded-For"); xffIn != "" {
author	Tom Clegg <tclegg@veritasgenetics.com>
	Wed, 13 Jun 2018 19:51:07 +0000 (15:51 -0400)
committer	Tom Clegg <tclegg@veritasgenetics.com>
	Thu, 14 Jun 2018 17:35:40 +0000 (13:35 -0400)