wip: still bug for forwarde-host param

2025-07-04 17:58:41 +09:00 · 2025-07-04 17:58:41 +09:00 · 03bfd466bf
commit 03bfd466bf
parent a73321cb27
4 changed files with 20 additions and 5 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -2,6 +2,10 @@

 ## 0.10.1 or 0.11.0 (Unreleased)

+### Improvement
+
+- Feat: Support `Forwarded` header in addition to `X-Forwarded-For` header. This is to support the standard forwarding header for reverse proxy applications (RFC 7239). Use the `forwarded_header` upstream option to enable this feature.
+
 ## 0.10.0

 ### Important Changes
--- a/config-example.toml
+++ b/config-example.toml
@ -84,6 +84,7 @@ upstream_options = [
  "upgrade_insecure_requests",
  "force_http11_upstream",
  "set_upstream_host",         # overwrite HOST value with upstream hostname (like www.yahoo.com)
+  "forwarded_header" # add Forwarded header
 ]
 ######################################################################

--- a/rpxy-lib/src/message_handler/handler_manipulate_messages.rs
+++ b/rpxy-lib/src/message_handler/handler_manipulate_messages.rs
@ -98,6 +98,18 @@ where
    // by default, add "host" header of original server_name if not exist
    if req.headers().get(header::HOST).is_none() {
      let org_host = req.uri().host().ok_or_else(|| anyhow!("Invalid request"))?.to_owned();
+      // Omit port 80 if !tls_enabled, omit port 443 if tls_enabled
+      let org_host = req
+        .uri()
+        .port_u16()
+        .map(|port| {
+          if (tls_enabled && port == 443) || (!tls_enabled && port == 80) {
+            org_host.clone()
+          } else {
+            format!("{}:{}", org_host, port)
+          }
+        })
+        .unwrap_or(org_host);
      req.headers_mut().insert(header::HOST, HeaderValue::from_str(&org_host)?);
    };

--- a/rpxy-lib/src/message_handler/utils_headers.rs
+++ b/rpxy-lib/src/message_handler/utils_headers.rs
@ -121,6 +121,7 @@ pub(super) fn apply_upstream_options_to_header(
      UpstreamOption::ForwardedHeader => {
        // This is called after X-Forwarded-For is added
        // Generate RFC 7239 Forwarded header
+        // TODO: host is generated from x-original-uri
        let host = headers.get(header::HOST).and_then(|h| h.to_str().ok()).unwrap_or("unknown");
        let tls = upstream_base_uri.scheme_str() == Some("https");

@ -240,11 +241,8 @@ pub(super) fn add_forwarding_header(
  // IMPORTANT: If Forwarded header exists, always update it for consistency
  // This ensures headers remain consistent even when forwarded_header upstream option is not specified
  if has_forwarded {
-    let host = headers
-      .get(header::HOST)
-      .and_then(|h| h.to_str().ok())
-      .unwrap_or("unknown");
-    
+    let host = headers.get(header::HOST).and_then(|h| h.to_str().ok()).unwrap_or("unknown");
+
    match generate_forwarded_header(headers, tls, host) {
      Ok(forwarded_value) => {
        add_header_entry_overwrite_if_exist(headers, "forwarded", forwarded_value)?;