fix: provide correct fpjs-proxy-forwarded-host header when using fron…

…tdoor
fingerprintjs · Jun 13, 2024 · 341094f · 341094f
1 parent 3a8a62d
commit 341094f
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 3 deletions.
diff --git a/proxy/utils/headers.test.ts b/proxy/utils/headers.test.ts
@@ -18,7 +18,7 @@ const mockReq = {
   headers: {
     'content-type': 'application/json',
     'content-length': '24354',
-    host: 'fpjs.sh',
+    host: 'example.org',
     'transfer-encoding': 'br',
     via: 'azure.com',
     cookie: '_iidt=7A03Gwg; _vid_t=gEFRuIQlzYmv692/UL4GLA==',
@@ -28,6 +28,7 @@ const mockReq = {
     'x-azure-requestchain': 'hops=1',
     'x-azure-socketip': '46.204.4.119',
     'x-forwarded-for': '127.0.0.1',
+    'x-forwarded-host': 'fpjs.sh',
   },
   user: null,
   params: {},
@@ -163,7 +164,15 @@ describe('prepareHeadersForIngressAPI', () => {
 
     expect(result['fpjs-proxy-client-ip']).toBe(mockReq.headers['x-forwarded-for'])
     expect(result['fpjs-proxy-secret']).toBe('secret')
-    expect(result['fpjs-proxy-forwarded-host']).toBe(new URL(mockReq.url).hostname)
+    expect(result['fpjs-proxy-forwarded-host']).toBe('fpjs.sh')
+  })
+
+  it('should set correct host', () => {
+    const result = prepareHeadersForIngressAPI(mockReq, 'secret')
+
+    expect(result['fpjs-proxy-client-ip']).toBe(mockReq.headers['x-forwarded-for'])
+    expect(result['fpjs-proxy-secret']).toBe('secret')
+    expect(result['fpjs-proxy-forwarded-host']).toBe('fpjs.sh')
   })
 
   it('should not set secret if it is undefined', () => {

diff --git a/proxy/utils/headers.ts b/proxy/utils/headers.ts
@@ -92,14 +92,18 @@ function resolveClientIp(request: HttpRequest, logger?: Logger) {
   return clientIp
 }
 
+export function getHost(request: Pick<HttpRequest, 'headers' | 'url'>) {
+  return request.headers['x-forwarded-host'] || request.headers.host || new URL(request.url).hostname
+}
+
 export function prepareHeadersForIngressAPI(request: HttpRequest, preSharedSecret?: string, logger?: Logger) {
   const headers = filterRequestHeaders(request.headers)
 
   headers['fpjs-proxy-client-ip'] = resolveClientIp(request, logger)
 
   if (preSharedSecret) {
     headers['fpjs-proxy-secret'] = preSharedSecret
-    headers['fpjs-proxy-forwarded-host'] = new URL(request.url).hostname
+    headers['fpjs-proxy-forwarded-host'] = getHost(request)
   }
 
   return headers