From 0708e4bf445f9e4760d53f626f1b612faff8818b Mon Sep 17 00:00:00 2001 From: Fabrizio Date: Tue, 13 Aug 2024 21:21:11 +0200 Subject: [PATCH] fix: proxy headers for protocols (#534) --- src/http/routes/tus/lifecycle.ts | 11 ++++++----- src/storage/protocols/s3/signature-v4.ts | 3 +-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/http/routes/tus/lifecycle.ts b/src/http/routes/tus/lifecycle.ts index 7317f23f..1fda1e21 100644 --- a/src/http/routes/tus/lifecycle.ts +++ b/src/http/routes/tus/lifecycle.ts @@ -92,14 +92,15 @@ export function generateUrl( } proto = process.env.NODE_ENV === 'production' ? 'https' : proto - const url = new URL( - `${proto}://${(req.headers.x_forwarded_host as string) || (req.headers.host as string) || ''}` - ) const isSigned = req.url?.endsWith(SIGNED_URL_SUFFIX) const fullPath = isSigned ? `${path}${SIGNED_URL_SUFFIX}` : path - if (url.port && req.headers['x-forwarded-port']) { - host += `:${req.headers['x-forwarded-port']}` + if (req.headers['x-forwarded-host']) { + const port = req.headers['x-forwarded-port'] + + if (typeof port === 'string' && port && !['443', '80'].includes(port)) { + host += `:${req.headers['x-forwarded-port']}` + } } // remove the tenant-id from the url, since we'll be using the tenant-id from the request diff --git a/src/storage/protocols/s3/signature-v4.ts b/src/storage/protocols/s3/signature-v4.ts index e453a2e8..c7d13eec 100644 --- a/src/storage/protocols/s3/signature-v4.ts +++ b/src/storage/protocols/s3/signature-v4.ts @@ -325,11 +325,10 @@ export class SignatureV4 { const xForwardedHost = this.getHeader(request, 'x-forwarded-host') if (xForwardedHost) { - const url = new URL(request.url) const port = this.getHeader(request, 'x-forwarded-port') const host = `host:${xForwardedHost.toLowerCase()}` - if (port && url.port) { + if (port && !['443', '80'].includes(port)) { return host + ':' + port } return host