summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddyhttp/reverseproxy')
-rw-r--r--modules/caddyhttp/reverseproxy/caddyfile.go13
1 files changed, 10 insertions, 3 deletions
diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go
index 003f676..f4556ea 100644
--- a/modules/caddyhttp/reverseproxy/caddyfile.go
+++ b/modules/caddyhttp/reverseproxy/caddyfile.go
@@ -131,12 +131,15 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
if toURL.Scheme == "https" && urlPort == "80" {
return "", d.Err("upstream address has conflicting scheme (https://) and port (:80, the HTTP port)")
}
+ if toURL.Scheme == "h2c" && urlPort == "443" {
+ return "", d.Err("upstream address has conflicting scheme (h2c://) and port (:443, the HTTPS port)")
+ }
// if port is missing, attempt to infer from scheme
if toURL.Port() == "" {
var toPort string
switch toURL.Scheme {
- case "", "http":
+ case "", "http", "h2c":
toPort = "80"
case "https":
toPort = "443"
@@ -565,8 +568,9 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
}
// if the scheme inferred from the backends' addresses is
- // HTTPS, we will need a non-nil transport to enable TLS
- if commonScheme == "https" && transport == nil {
+ // HTTPS, we will need a non-nil transport to enable TLS,
+ // or if H2C, to set the transport versions.
+ if (commonScheme == "https" || commonScheme == "h2c") && transport == nil {
transport = new(HTTPTransport)
transportModuleName = "http"
}
@@ -583,6 +587,9 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
if commonScheme == "http" && te.TLSEnabled() {
return d.Errf("upstream address scheme is HTTP but transport is configured for HTTP+TLS (HTTPS)")
}
+ if te, ok := transport.(*HTTPTransport); ok && commonScheme == "h2c" {
+ te.Versions = []string{"h2c", "2"}
+ }
} else if commonScheme == "https" {
return d.Errf("upstreams are configured for HTTPS but transport module does not support TLS: %T", transport)
}