Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

forward port information when using ssl so that Hawk can generate the…

… correct MAC
  • Loading branch information...
commit d6decd05bc0e910ee406efac4137dd4b5f314582 1 parent 49eb445
Zach Carter zaach authored
Showing with 8 additions and 1 deletion.
  1. +1 −0  bin/api
  2. +7 −1 lib/http_forward.js
1  bin/api
View
@@ -41,6 +41,7 @@ options.auth.getCredentialsFunc = credentialsFunc;
// modify default error format
options.format = {
error: function (result) {
+ Hapi.Log.event(['error'], result.message);
return {
code: result.code,
payload: { success: false, errorCode: result.code, errorMessage: result.message },
8 lib/http_forward.js
View
@@ -6,6 +6,7 @@ const url = require('url');
const http = require('http');
const https = require('https');
const querystring = require('querystring');
+const public_url = url.parse(require('../etc/config').public_url);
var global_forward_timeout;
@@ -91,7 +92,12 @@ exports.forward = function(dest, req, res, cb) {
preq.setHeader('Authorization', req.headers['authorization']);
}
- preq.setHeader('X-Forwarded-Host', req.headers.host);
+ // Hawk checks a single host header when generating the MAC,
+ // so ensure that the correct port is included when using ssl
+ var host = req.headers.host;
+ if (host.indexOf(':') < 0 && public_url.protocol === 'https:') host += ':443';
+
+ preq.setHeader('X-Forwarded-Host', host);
// if the body has already been parsed, we'll write it
if (req.body) {
Please sign in to comment.
Something went wrong with that request. Please try again.