Support for X-Forwarded-Prefix in ForwardedHeadersMiddleware #49249
Conversation
ghost
added
area-runtime
community-contribution
|
Thanks for your PR, @andwi. Someone from the team will get assigned to your PR shortly and we'll get it reviewed. |
|
@dotnet-policy-service agree |
|
Thanks for the contribution @andwi! Since this change affects public API, it will need to go through the API review process (but in this case, the API change is so small and follows the existing pattern so it will be super easy!). To get that kicked off, can you please add a comment on the issue (#23263) with the proposed API change, following the template here? https://github.com/dotnet/aspnetcore/issues/new?assignees=&labels=api-suggestion&template=30_api_proposal.md&title= Tag me once you've done that and we can mark the issue as being ready for us to review during the next API review session. BTW the CI failure was unrelated (message is below and I hadn't seen this one before... seems like something went wrong when building the installers @wtgodbe?) so I reran the failing leg. |
Looks like an ordering issue - I don't think I've seen that one before, I'll keep an eye out for it in future builds |
|
Updated the logic for setting the X-Original-Prefix header to make sure empty string is replaced with / |
|
Looks like this PR hasn't been active for some time and the codebase could have been changed in the meantime. |
ghost
added
the
pending-ci-rerun
|
Still waiting on API review for this one. |
| requestHeaders[_options.OriginalPrefixHeaderName] = | ||
| request.PathBase.HasValue ? request.PathBase.ToString() : "/"; |
There was a problem hiding this comment.
"/" and "" are not equivalent paths, especially for PathBase. PathBase is commonly empty. I understand that's awkward to represent in this collection. It might be better to skip adding the original value when empty.
There was a problem hiding this comment.
Changed so that X-Original-Prefix is only added if PathBase has value
| requestHeaders.Remove(_options.ForwardedPrefixHeaderName); | ||
| } | ||
|
|
||
| request.PathBase = PathString.FromUriComponent(currentValues.Prefix.TrimEnd('/')); |
There was a problem hiding this comment.
TrimEnd shouldn't be needed, pass the given value through. PathString has built in logic to avoid duplicate slashes when combined with another PathString (PathBase + Path).
aspnetcore/src/Http/Http.Abstractions/src/PathString.cs
Lines 318 to 327 in a02b94e
| @@ -1116,4 +1121,137 @@ public async Task ForwardersWithDirectOptionsRunsTwice(int limit, string header, | |||
| Assert.Equal(expectedScheme, context.Request.Scheme); | |||
| Assert.Equal(remainingHeader, context.Request.Headers["X-Forwarded-Proto"].ToString()); | |||
| } | |||
|
|
|||
| [Theory] | |||
| [InlineData("", "/foo", "/foo", "/")] | |||
There was a problem hiding this comment.
Add /foo/bar as a multi-segment test case.
There was a problem hiding this comment.
Added multi-segment test case
|
@andwi The API has been approved #23263 (comment) @Tratcher Looks like your comments have been addressed. Any more feedback or is this ready for merge? |
| if (forwardedPrefix!.Length > entriesConsumed) | ||
| { | ||
| // Truncate the consumed header values | ||
| requestHeaders[_options.ForwardedPrefixHeaderName] = forwardedPrefix.Take(forwardedPrefix.Length - entriesConsumed).ToArray(); |
There was a problem hiding this comment.
Why is this using LINQ? Let's aim to avoid all temporary allocations.
There was a problem hiding this comment.
Why is this using LINQ?
Just followed the existing pattern in the class.
Have pushed new commits that change all the cases where header values are truncated to use a new helper method that uses Array.Copy instead of LINQ.
|
Looks like API review signed off: #23263. Good to go? |
|
Thanks @andwi |
amcasey
added
area-networking
Support for X-Forwarded-Prefix in ForwardedHeadersMiddleware
Adds the option to change PathBase based on the X-Forwarded-Prefix header.
Fixes #23263