Skip to content

Commit

Permalink
Merge pull request #1020 from sozu-proxy/devel/edemolis/feat/x-for-log
Browse files Browse the repository at this point in the history 
Add log on suspicious X-Forwarded-Proto and Port
  • Loading branch information
@FlorentinDUBOIS
FlorentinDUBOIS authored Oct 27, 2023
2 parents 9d77370 + 8854576 commit b1bde07
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions lib/src/protocol/kawa_h1/editor.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -142,9 +142,28 @@ impl HttpContext {
} else if compare_no_case(key, b"X-Forwarded-Proto") {
has_x_proto = true;
// header.val = kawa::Store::Static(proto.as_bytes());
incr!("http.trusting.x_proto");
let val = header.val.data(buf);
if !compare_no_case(val, proto.as_bytes()) {
incr!("http.trusting.x_proto.diff");
debug!(
"Trusting X-Forwarded-Proto for {:?} even though {:?} != {}",
self.authority, val, proto
);
}
} else if compare_no_case(key, b"X-Forwarded-Port") {
has_x_port = true;
// header.val = kawa::Store::from_string(public_port.to_string());
incr!("http.trusting.x_port");
let val = header.val.data(buf);
let expected = public_port.to_string();
if !compare_no_case(val, expected.as_bytes()) {
incr!("http.trusting.x_port.diff");
debug!(
"Trusting X-Forwarded-Port for {:?} even though {:?} != {}",
self.authority, val, expected
);
}
} else if compare_no_case(key, b"X-Forwarded-For") {
x_for = Some(header);
} else if compare_no_case(key, b"Forwarded") {
Expand Down

0 comments on commit b1bde07

Please sign in to comment.