photos
/
photos
1
0
Fork 0
Code Issues 7 Releases Activity
photos/cmd/proxy/proxy.go

130 lines
2.3 KiB
Go
Raw Normal View History

Improve proxy
2020-05-31 12:38:15 +08:00
// This is honestly terrible
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
package main
import (
"io"
"log"
"net/http"
Improve proxy
2020-05-31 12:38:15 +08:00
"net/url"
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
"os"
Improve proxy
2020-05-31 12:38:15 +08:00
"strings"
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
"time"
"github.com/miekg/dns"
)
var endpoint string
var endpointSecure bool
Improve proxy
2020-05-31 12:38:15 +08:00
var behindProxy bool
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
var client *http.Client
func main() {
// Read configuration
endpoint = os.Getenv("MINIO_ENDPOINT")
endpointSecure = os.Getenv("MINIO_ENDPOINT_SECURE") == "true"
Improve proxy
2020-05-31 12:38:15 +08:00
behindProxy = os.Getenv("BEHIND_PROXY") == "true"
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
// Setup HTTP client
transport := &http.Transport{
MaxIdleConns: 4,
MaxIdleConnsPerHost: 4,
IdleConnTimeout: 30 * time.Second,
DisableCompression: true,
}
client = &http.Client{
Transport: transport,
Timeout: 5 * time.Second,
}
server := &http.Server{
Addr: ":80",
ReadTimeout: 5 * time.Second,
WriteTimeout: 10 * time.Second,
Handler: http.HandlerFunc(handle),
}
err := server.ListenAndServe()
if err != nil {
panic(err)
}
}
func handle(w http.ResponseWriter, r *http.Request) {
Improve proxy
2020-05-31 12:38:15 +08:00
// Validate host
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
if _, ok := dns.IsDomainName(r.Host); !ok {
w.WriteHeader(http.StatusBadRequest)
return
}
Improve proxy
2020-05-31 12:38:15 +08:00
// Rewrite URL
path := mapPath(r.URL.Path, r.Host)
url := &url.URL{
Scheme: "http",
Host: endpoint,
Path: path,
}
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
if endpointSecure {
Improve proxy
2020-05-31 12:38:15 +08:00
url.Scheme = "https"
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
}
Improve proxy
2020-05-31 12:38:15 +08:00
// Update Forwarded headers
header := safeCloneHeader(r.Header)
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
Improve proxy
2020-05-31 12:38:15 +08:00
// Create forwarded request
out := &http.Request{
URL: url,
Header: header,
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
}
Improve proxy
2020-05-31 12:38:15 +08:00
log.Println(out.URL)
resp, err := client.Do(out)
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
log.Println(err)
return
}
defer resp.Body.Close()
Improve proxy
2020-05-31 12:38:15 +08:00
w.WriteHeader(resp.StatusCode)
io.Copy(w, resp.Body)
}
func mapPath(path, host string) string {
if strings.HasSuffix(path, "/") {
path += "index.html"
}
return "/" + host + path
}
// Further validation is required for this function
func safeCloneHeader(h http.Header) http.Header {
clone := make(http.Header, 0)
for key, value := range h {
if !safeHeaderName(key) {
continue
}
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
for _, v := range value {
Improve proxy
2020-05-31 12:38:15 +08:00
clone.Add(key, v)
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
}
}
Improve proxy
2020-05-31 12:38:15 +08:00
return clone
}
// Comparisons in this function MUST be in canonical form
func safeHeaderName(name string) bool {
if behindProxy {
if name == "X-Forwarded-For" {
return true
}
if name == "X-Forwarded-Host" {
return true
}
if name == "X-Forwarded-Proto" {
return true
}
if name == "Forwarded" {
return true
}
}
return false
Initial insecure and fake webhost proxy for minio
2020-05-31 03:13:22 +08:00
}