Skip to content

Commit

Permalink
fix: proxy headers for protocols
Browse files Browse the repository at this point in the history
  • Loading branch information
fenos committed Aug 13, 2024
1 parent a298856 commit 0fc9e22
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 7 deletions.
11 changes: 6 additions & 5 deletions src/http/routes/tus/lifecycle.ts
Original file line number Diff line number Diff line change
Expand Up @@ -92,14 +92,15 @@ export function generateUrl(
}
proto = process.env.NODE_ENV === 'production' ? 'https' : proto

const url = new URL(
`${proto}://${(req.headers.x_forwarded_host as string) || (req.headers.host as string) || ''}`
)
const isSigned = req.url?.endsWith(SIGNED_URL_SUFFIX)
const fullPath = isSigned ? `${path}${SIGNED_URL_SUFFIX}` : path

if (url.port && req.headers['x-forwarded-port']) {
host += `:${req.headers['x-forwarded-port']}`
if (req.headers['x-forwarded-host']) {
const port = req.headers['x-forwarded-port']

if (typeof port === 'string' && port && !['443', '80'].includes(port)) {
host += `:${req.headers['x-forwarded-port']}`
}
}

// remove the tenant-id from the url, since we'll be using the tenant-id from the request
Expand Down
4 changes: 2 additions & 2 deletions src/storage/protocols/s3/signature-v4.ts
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,7 @@ export class SignatureV4 {
request,
clientSignature.signedHeaders
)
console.log('canonical request', canonicalRequest)
const stringToSign = this.constructStringToSign(
longDate,
clientSignature.credentials.shortDate,
Expand Down Expand Up @@ -325,11 +326,10 @@ export class SignatureV4 {

const xForwardedHost = this.getHeader(request, 'x-forwarded-host')
if (xForwardedHost) {
const url = new URL(request.url)
const port = this.getHeader(request, 'x-forwarded-port')
const host = `host:${xForwardedHost.toLowerCase()}`

if (port && url.port) {
if (port && !['443', '80'].includes(port)) {
return host + ':' + port
}
return host
Expand Down

0 comments on commit 0fc9e22

Please sign in to comment.