tuxmain/rust-rpxy
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Do not change headers
Some checks failed
Unit Test / test (push) Has been cancelled
Details
ShiftLeft Scan / Scan-Build (push) Has been cancelled
Details

Browse source
This commit is contained in:
Pascal Engélibert 2026-01-13 14:17:49 +01:00
commit d9571b7ca8
1 changed files with 1 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

40
rpxy-lib/src/message_handler/handler_manipulate_messages.rs
View file

@ -19,39 +19,7 @@ where
#[allow(unused_variables)]
/// Manipulate a response message sent from a backend application to forward downstream to a client.
pub(super) fn generate_response_forwarded<B>(&self, response: &mut Response<B>, backend_app: &BackendApp) -> Result<()> {
let headers = response.headers_mut();
remove_connection_header(headers);
remove_hop_header(headers);
add_header_entry_overwrite_if_exist(headers, "server", RESPONSE_HEADER_SERVER)?;
#[cfg(any(feature = "http3-quinn", feature = "http3-s2n"))]
{
// Manipulate ALT_SVC allowing h3 in response message only when mutual TLS is not enabled
// TODO: This is a workaround for avoiding a client authentication in HTTP/3
if self.globals.proxy_config.http3
&& backend_app.https_redirection.is_some()
&& backend_app.mutual_tls.as_ref().is_some_and(|v| !v)
{
if let Some(port) = self.globals.proxy_config.https_redirection_port {
add_header_entry_overwrite_if_exist(
headers,
header::ALT_SVC.as_str(),
format!("h3=\":{}\"; ma={}", port, self.globals.proxy_config.h3_alt_svc_max_age),
)?;
}
} else {
// remove alt-svc to disallow requests via http3
headers.remove(header::ALT_SVC.as_str());
}
}
#[cfg(not(any(feature = "http3-quinn", feature = "http3-s2n")))]
{
if self.globals.proxy_config.https_port.is_some() {
headers.remove(header::ALT_SVC.as_str());
}
}
pub(super) fn generate_response_forwarded<B>(&self, _response: &mut Response<B>, _backend_app: &BackendApp) -> Result<()> {
Ok(())
}
@ -83,12 +51,6 @@ where
let original_uri = req.uri().clone();
let headers = req.headers_mut();
// delete headers specified in header.connection
remove_connection_header(headers);
// delete hop headers including header.connection
remove_hop_header(headers);
// X-Forwarded-For (and Forwarded if exists)
add_forwarding_header(headers, client_addr, listen_addr, tls_enabled, &original_uri)?;
// Add te: trailer if te_trailer
if contains_te_trailers {