3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-04 01:09:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

forward-auth: fix special character support for nginx (#1578)

Browse source
This commit is contained in:
bobby 2020-11-12 10:10:57 -08:00 committed by GitHub
parent eb19d6e125
commit c199909032
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 17 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

11
authorize/grpc.go
View file

@ -48,7 +48,7 @@ func (a *Authorize) Check(ctx context.Context, in *envoy_service_auth_v2.CheckRe
fwdAuthURI := getForwardAuthURL(hreq)
in.Attributes.Request.Http.Scheme = fwdAuthURI.Scheme
in.Attributes.Request.Http.Host = fwdAuthURI.Host
in.Attributes.Request.Http.Path = fwdAuthURI.Path
in.Attributes.Request.Http.Path = fwdAuthURI.EscapedPath()
if fwdAuthURI.RawQuery != "" {
in.Attributes.Request.Http.Path += "?" + fwdAuthURI.RawQuery
}
@ -194,8 +194,13 @@ func getForwardAuthURL(r *http.Request) *url.URL {
Path: r.Header.Get(httputil.HeaderForwardedURI),
}
}
// todo(bdd): handle httputil.HeaderOriginalURL which incorporates
// path and query params
originalURL := r.Header.Get(httputil.HeaderOriginalURL)
if originalURL != "" {
k, _ := urlutil.ParseAndValidateURL(originalURL)
if k != nil {
u = k
}
}
return u
}