went back to using `http-proxy` for non-websockets
We need to be able to insert `X-Forwarded` header for all the requests on a TCP keep-alive connection
This commit is contained in:
tigerbot
parent
d5dee498f5
commit
231e54d808
|
|
@ -6,13 +6,6 @@ module.exports.create = function (deps, conf, greenlockMiddleware) {
|
|||
var domainMatches = require('../domain-utils').match;
|
||||
var separatePort = require('../domain-utils').separatePort;
|
||||
|
||||
var adminDomains = [
|
||||
/\blocalhost\.admin\./
|
||||
, /\blocalhost\.alpha\./
|
||||
, /\badmin\.localhost\./
|
||||
, /\balpha\.localhost\./
|
||||
];
|
||||
|
||||
function parseHeaders(conn, opts) {
|
||||
// There should already be a `firstChunk` on the opts, but because we might sometimes
|
||||
// need more than that to get all the headers it's easier to always read the data off
|
||||
|
|
@ -200,7 +193,50 @@ module.exports.create = function (deps, conf, greenlockMiddleware) {
|
|||
return false;
|
||||
}
|
||||
|
||||
function checkProxy(mod, conn, opts, headers) {
|
||||
var proxyServer;
|
||||
function createProxyServer() {
|
||||
var http = require('http');
|
||||
var agent = new http.Agent();
|
||||
agent.createConnection = deps.net.createConnection;
|
||||
|
||||
var proxy = require('http-proxy').createProxyServer({
|
||||
agent: agent,
|
||||
toProxy: true
|
||||
});
|
||||
|
||||
proxyServer = http.createServer(function (req, res) {
|
||||
proxy.web(req, res, req.connection.proxyOpts);
|
||||
});
|
||||
proxyServer.on('upgrade', function (req, socket, head) {
|
||||
proxy.ws(req, socket, head, socket.proxyOpts);
|
||||
});
|
||||
}
|
||||
function proxyRequest(mod, conn, opts, headers) {
|
||||
if (!proxyServer) {
|
||||
createProxyServer();
|
||||
}
|
||||
|
||||
var xHeaders = {};
|
||||
// Then add our own `X-Forwarded` headers at the end.
|
||||
if (conf.http.trustProxy && headers['x-forwarded-proto']) {
|
||||
xHeaders['X-Forwarded-Proto'] = headers['x-forwarded-proto'];
|
||||
} else {
|
||||
xHeaders['X-Forwarded-Proto'] = conn.encrypted ? 'https' : 'http';
|
||||
}
|
||||
var proxyChain = (headers['x-forwarded-for'] || '').split(/ *, */).filter(Boolean);
|
||||
proxyChain.push(opts.remoteAddress || opts.address || conn.remoteAddress);
|
||||
xHeaders['X-Forwarded-For'] = proxyChain.join(', ');
|
||||
xHeaders['X-Forwarded-Host'] = headers.host;
|
||||
|
||||
conn.proxyOpts = {
|
||||
target: 'http://'+(mod.address || (mod.host || 'localhost')+':'+mod.port),
|
||||
headers: xHeaders
|
||||
};
|
||||
proxyServer.emit('connection', conn);
|
||||
conn.unshift(opts.firstChunk);
|
||||
}
|
||||
|
||||
function proxyWebsocket(mod, conn, opts, headers) {
|
||||
var index = opts.firstChunk.indexOf('\r\n\r\n');
|
||||
var body = opts.firstChunk.slice(index);
|
||||
|
||||
|
|
@ -236,6 +272,14 @@ module.exports.create = function (deps, conf, greenlockMiddleware) {
|
|||
newConnOpts.remotePort = opts.port || conn.remotePort;
|
||||
|
||||
deps.proxy(conn, newConnOpts, opts.firstChunk);
|
||||
}
|
||||
|
||||
function checkProxy(mod, conn, opts, headers) {
|
||||
if ((headers.connection || '').toLowerCase() === 'upgrade') {
|
||||
proxyWebsocket(mod, conn, opts, headers);
|
||||
} else {
|
||||
proxyRequest(mod, conn, opts, headers);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load Diff
|
|
@ -45,6 +45,7 @@
|
|||
"express": "git+https://github.com/expressjs/express.git#4.x",
|
||||
"finalhandler": "^0.4.0",
|
||||
"greenlock": "git+https://git.daplie.com/Daplie/node-greenlock.git#master",
|
||||
"http-proxy": "^1.16.2",
|
||||
"ipaddr.js": "git+https://github.com/whitequark/ipaddr.js.git#v1.3.0",
|
||||
"ipify": "^1.1.0",
|
||||
"js-yaml": "^3.8.3",
|
||||
|
|
|
|||
Loading…
Reference in New Issue