authorFrancis Lavoie <lavofr@gmail.com>2021-10-26 16:41:28 -0400
committerGitHub <noreply@github.com>2021-10-26 14:41:28 -0600
commitf73f55dba745a8a527202b87fdd3ff88fa9f40b1 (patch)
treeba55c3aba51d83710b12d2527d71fa1d043b6642 /modules/caddyhttp
parent012d235314fcc2a27302d00ee6f53459e54c0eb8 (diff)
reverseproxy: Sanitize scheme and host on incoming requests (#4237)
* caddyhttp: Sanitize scheme and host on incoming requests * reverseproxy: Sanitize the URL scheme and host before proxying * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Diffstat (limited to 'modules/caddyhttp')
-rw-r--r--modules/caddyhttp/reverseproxy/reverseproxy.go14
1 files changed, 14 insertions, 0 deletions
diff --git a/modules/caddyhttp/reverseproxy/reverseproxy.go b/modules/caddyhttp/reverseproxy/reverseproxy.go
index e626962..36dfbfe 100644
--- a/modules/caddyhttp/reverseproxy/reverseproxy.go
+++ b/modules/caddyhttp/reverseproxy/reverseproxy.go
@@ -395,9 +395,23 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyht
// should not permanently change r.Host; issue #3509)
reqHost := r.Host
reqHeader := r.Header
+
+ // sanitize the request URL; we expect it to not contain the scheme and host
+ // since those should be determined by r.TLS and r.Host respectively, but
+ // some clients may include it in the request-line, which is technically
+ // valid in HTTP, but breaks reverseproxy behaviour, overriding how the
+ // dialer will behave. See #4237 for context.
+ origURLScheme := r.URL.Scheme
+ origURLHost := r.URL.Host
+ r.URL.Scheme = ""
+ r.URL.Host = ""
+
+ // restore modifications to the request after we're done proxying
defer func() {
r.Host = reqHost // TODO: data race, see #4038
r.Header = reqHeader // TODO: data race, see #4038
+ r.URL.Scheme = origURLScheme
+ r.URL.Host = origURLHost
}()
start := time.Now()