Add ignored http headers to SpaProxy (dotnet#16863)

* Add ignored http headers to SpaProxy * Remove `cookie` header from NotForwardedHttpHeaders
mattywong · Nov 11, 2019 · 4eebc16 · 4eebc16
1 parent 909f1d3
commit 4eebc16
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/src/Middleware/SpaServices.Extensions/src/Proxying/SpaProxy.cs b/src/Middleware/SpaServices.Extensions/src/Proxying/SpaProxy.cs
@@ -22,6 +22,9 @@ internal static class SpaProxy
         private const int DefaultWebSocketBufferSize = 4096;
         private const int StreamCopyBufferSize = 81920;
 
+        // https://github.com/aspnet/AspNetCore/issues/16797
+        private static readonly string[] NotForwardedHttpHeaders = new[] { "Connection" };
+
         // Don't forward User-Agent/Accept because of https://github.com/aspnet/JavaScriptServices/issues/1469
         // Others just aren't applicable in proxy scenarios
         private static readonly string[] NotForwardedWebSocketHeaders = new[] { "Accept", "Connection", "Host", "User-Agent", "Upgrade", "Sec-WebSocket-Key", "Sec-WebSocket-Version" };
@@ -132,6 +135,11 @@ private static HttpRequestMessage CreateProxyHttpRequest(HttpContext context, Ur
             // Copy the request headers
             foreach (var header in request.Headers)
             {
+                if (NotForwardedHttpHeaders.Contains(header.Key, StringComparer.OrdinalIgnoreCase))
+                {
+                    continue;
+                }
+
                 if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()) && requestMessage.Content != null)
                 {
                     requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray());