Permalink
Browse files

forward port information when using ssl so that Hawk can generate the…

… correct MAC
  • Loading branch information...
1 parent 49eb445 commit d6decd05bc0e910ee406efac4137dd4b5f314582 @zaach zaach committed Jan 7, 2013
Showing with 8 additions and 1 deletion.
  1. +1 −0 bin/api
  2. +7 −1 lib/http_forward.js
View
@@ -41,6 +41,7 @@ options.auth.getCredentialsFunc = credentialsFunc;
// modify default error format
options.format = {
error: function (result) {
+ Hapi.Log.event(['error'], result.message);
return {
code: result.code,
payload: { success: false, errorCode: result.code, errorMessage: result.message },
View
@@ -6,6 +6,7 @@ const url = require('url');
const http = require('http');
const https = require('https');
const querystring = require('querystring');
+const public_url = url.parse(require('../etc/config').public_url);
var global_forward_timeout;
@@ -91,7 +92,12 @@ exports.forward = function(dest, req, res, cb) {
preq.setHeader('Authorization', req.headers['authorization']);
}
- preq.setHeader('X-Forwarded-Host', req.headers.host);
+ // Hawk checks a single host header when generating the MAC,
+ // so ensure that the correct port is included when using ssl
+ var host = req.headers.host;
+ if (host.indexOf(':') < 0 && public_url.protocol === 'https:') host += ':443';
+
+ preq.setHeader('X-Forwarded-Host', host);
// if the body has already been parsed, we'll write it
if (req.body) {

0 comments on commit d6decd0

Please sign in to comment.