From ad0c43e56f43f60594f1074f2cf9bdae9a6aca02 Mon Sep 17 00:00:00 2001 From: Jon Wood Date: Tue, 12 Nov 2019 16:10:29 +0000 Subject: [PATCH 1/4] Respect X-Forwarded-Proto headers --- lib/falcon/adapters/rack.rb | 4 ++++ spec/falcon/adapters/rack_spec.rb | 22 ++++++++++++++++++++++ 2 files changed, 26 insertions(+) diff --git a/lib/falcon/adapters/rack.rb b/lib/falcon/adapters/rack.rb index f803808a..facc291f 100644 --- a/lib/falcon/adapters/rack.rb +++ b/lib/falcon/adapters/rack.rb @@ -114,6 +114,10 @@ def unwrap_request(request, env) def call(request) request_path, query_string = request.path.split('?', 2) server_name, server_port = (request.authority || '').split(':', 2) + + unless request.headers["x-forwarded-proto"].nil? + request.scheme = request.headers["x-forwarded-proto"].first + end env = { RACK_VERSION => [2, 0, 0], diff --git a/spec/falcon/adapters/rack_spec.rb b/spec/falcon/adapters/rack_spec.rb index f2a45e5f..8b467006 100644 --- a/spec/falcon/adapters/rack_spec.rb +++ b/spec/falcon/adapters/rack_spec.rb @@ -91,6 +91,28 @@ end end + context "rack.url_scheme" do + include_context Falcon::Server + let(:protocol) {Async::HTTP::Protocol::HTTP1} + + let(:app) do + lambda do |env| + [200, {}, ["Scheme: #{env['rack.url_scheme'].inspect}"]] + end + end + + it 'defaults to http' do + response = client.get('/') + + expect(response.read).to be == 'Scheme: "http"' + end + + it 'responses X-Forwarded-Proto headers' do + response = client.get('/', [["X-Forwarded-Proto", "https"]]) + + expect(response.read).to be == 'Scheme: "https"' + end + end context "early hints" do it_behaves_like Falcon::Adapters::EarlyHints end From 70f79c318a8aac96940413d5c235e09e1476afdf Mon Sep 17 00:00:00 2001 From: Jon Wood Date: Tue, 12 Nov 2019 16:21:48 +0000 Subject: [PATCH 2/4] Try moving forwarded proto support after header unwrap --- lib/falcon/adapters/rack.rb | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/falcon/adapters/rack.rb b/lib/falcon/adapters/rack.rb index facc291f..a1c05e76 100644 --- a/lib/falcon/adapters/rack.rb +++ b/lib/falcon/adapters/rack.rb @@ -114,10 +114,6 @@ def unwrap_request(request, env) def call(request) request_path, query_string = request.path.split('?', 2) server_name, server_port = (request.authority || '').split(':', 2) - - unless request.headers["x-forwarded-proto"].nil? - request.scheme = request.headers["x-forwarded-proto"].first - end env = { RACK_VERSION => [2, 0, 0], @@ -161,6 +157,11 @@ def call(request) } self.unwrap_request(request, env) + + unless request.headers["x-forwarded-proto"].nil? + request.scheme = request.headers["x-forwarded-proto"].first + env[RACK_URL_SCHEME] = request.scheme + end if request.push? env[RACK_EARLY_HINTS] = EarlyHints.new(request) From 83ac77ce386ebb8764dac8cda7030e64765c29b9 Mon Sep 17 00:00:00 2001 From: Jon Wood Date: Tue, 12 Nov 2019 16:36:04 +0000 Subject: [PATCH 3/4] Don't touch the headers at all --- lib/falcon/adapters/rack.rb | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/lib/falcon/adapters/rack.rb b/lib/falcon/adapters/rack.rb index a1c05e76..12ce4356 100644 --- a/lib/falcon/adapters/rack.rb +++ b/lib/falcon/adapters/rack.rb @@ -105,6 +105,7 @@ def unwrap_request(request, env) # https://tools.ietf.org/html/rfc7239#section-5.4 # https://github.com/rack/rack/issues/1310 env[HTTP_X_FORWARDED_PROTO] ||= request.scheme + env[RACK_URL_SCHEME] = env[HTTP_X_FORWARDED_PROTO] if remote_address = request.remote_address env[REMOTE_ADDR] = remote_address.ip_address if remote_address.ip? @@ -158,11 +159,6 @@ def call(request) self.unwrap_request(request, env) - unless request.headers["x-forwarded-proto"].nil? - request.scheme = request.headers["x-forwarded-proto"].first - env[RACK_URL_SCHEME] = request.scheme - end - if request.push? env[RACK_EARLY_HINTS] = EarlyHints.new(request) end From 9f1501b2003f0af47a340d8e84cbf689127f8899 Mon Sep 17 00:00:00 2001 From: Jon Wood Date: Wed, 13 Nov 2019 12:32:37 +0000 Subject: [PATCH 4/4] Loosen requirements on async-http to allow git sourcing --- falcon.gemspec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/falcon.gemspec b/falcon.gemspec index 7ce5b8c9..c769837d 100644 --- a/falcon.gemspec +++ b/falcon.gemspec @@ -21,7 +21,7 @@ Gem::Specification.new do |spec| spec.add_dependency "async", "~> 1.13" spec.add_dependency "async-io", "~> 1.22" - spec.add_dependency "async-http", "~> 0.48.0" + spec.add_dependency "async-http" spec.add_dependency "async-container", "~> 0.14.0" spec.add_dependency "rack", ">= 1.0"