local cors proxy fixes (#699)

Hubs-Foundation · Oct 10, 2023 · ef3fde0 · ef3fde0
1 parent efa6ea5
commit ef3fde0
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 15 deletions.
diff --git a/lib/ret_web/controllers/page_controller.ex b/lib/ret_web/controllers/page_controller.ex
@@ -696,32 +696,28 @@ defmodule RetWeb.PageController do
             cors_port == conn.port
         end
 
-      IO.puts("is_cors_proxy_url: #{is_cors_proxy_url}")
-
       if is_cors_proxy_url do
         allowed_origins =
           Application.get_env(:ret, RetWeb.Endpoint)[:allowed_origins] |> String.split(",")
-
         opts =
           ReverseProxyPlug.init(
-            upstream: ip_url,
+            upstream: url,
             allowed_origins: allowed_origins,
             proxy_url: "#{cors_scheme}://#{cors_host}:#{cors_port}",
             # Since we replaced the host with the IP address in ip_url above, we need to force the host
             # used for ssl verification here so that the connection isn't rejected.
             # Note that we have to convert the authority to a charlist, since this uses Erlang's `ssl` module
             # internally, which expects a charlist.
             client_options: [
-              ssl: [{:server_name_indication, to_charlist(authority)}, {:versions, [:"tlsv1.2"]}]
+              ssl: [{:server_name_indication, to_charlist(authority)}, {:versions, [:"tlsv1.2",:"tlsv1.3"]}]
             ],
-            preserve_host_header: true
+            # preserve_host_header: true
           )
 
         body = ReverseProxyPlug.read_body(conn)
         is_head = conn |> Conn.get_req_header("x-original-method") == ["HEAD"]
 
-        %Conn{}
-        |> Map.merge(conn)
+        %Conn{}|> Map.merge(conn)
         |> Map.put(
           :method,
           if is_head do
@@ -732,11 +728,6 @@ defmodule RetWeb.PageController do
         )
         # Need to strip path_info since proxy plug reads it
         |> Map.put(:path_info, [])
-        # Since we replaced the host with the IP address in ip_url above, we need to force the host
-        # header back to the original authority so that the proxy destination does not reject our request
-        |> Map.update!(:req_headers, &[{"host", authority} | &1])
-        # Some domains disallow access from improper Origins
-        |> Conn.delete_req_header("origin")
         |> ReverseProxyPlug.request(body, opts)
         |> ReverseProxyPlug.response(conn, opts)
       else

diff --git a/mix.exs b/mix.exs
@@ -80,8 +80,7 @@ defmodule Ret.Mixfile do
       {:scrivener_ecto, "~> 2.0"},
       {:ua_parser, "~> 1.5"},
       {:download, git: "https://github.com/gfodor/download.git", branch: "reticulum/master"},
-      {:reverse_proxy_plug,
-       git: "https://github.com/mozillareality/reverse_proxy_plug.git", branch: "reticulum/master"},
+      {:reverse_proxy_plug, "~> 2.1"},
       {:inet_cidr, "~> 1.0"},
       {:dns, "~> 2.2.0"},
       {:oauther, "~> 1.1"},