From dafcf8bad6b69e5e06d820db2cf08166920c479f Mon Sep 17 00:00:00 2001 From: Fritz Date: Thu, 2 Nov 2023 10:33:35 +0200 Subject: [PATCH] fix: Overriding X-Forwarded-For request header (#13) Changes setting X-Forwarded-For header to appending Refs: ASG-2952 --- server/server.go | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/server/server.go b/server/server.go index fc4527c..53f23f3 100644 --- a/server/server.go +++ b/server/server.go @@ -254,11 +254,10 @@ func (s *Server) isLegalRequest(req *http.Request) bool { return true } -/* -ServeHTTP is the single router access point to the frontdoor server. All request are handled in this method. - It uses Routes to generate the new url and then switches on scheme type to connect to the backend copying -between these pipes. -*/ +// ServeHTTP is the single router access point to the frontdoor server. All +// request are handled in this method. It uses Routes to generate the new url +// and then switches on scheme type to connect to the backend copying between +// these pipes. func (s *Server) ServeHTTP(isSecure bool, w http.ResponseWriter, req *http.Request) { // HACK! Doesn't belong here! // Catch wsdl here to statically serve. @@ -381,7 +380,7 @@ func (s *Server) forwardHttp(w http.ResponseWriter, req *http.Request, newurl st cleaned.ContentLength = req.ContentLength if remoteAddrNoPort, _, err := net.SplitHostPort(req.RemoteAddr); err == nil { - cleaned.Header["X-Forwarded-For"] = []string{remoteAddrNoPort} + cleaned.Header.Add("X-Forwarded-For", remoteAddrNoPort) } s.addXOriginalPath(req, cleaned)