fix recursive proxy calls
This commit is contained in:
Kevin Pham
@@ -56,13 +56,15 @@ func NewProxySiteHandler(opts *ProxyOptions) fiber.Handler {
|
|||||||
SetFiberCtx(c).
|
SetFiberCtx(c).
|
||||||
SetDebugLogging(opts.Verbose).
|
SetDebugLogging(opts.Verbose).
|
||||||
SetRequestModifications(
|
SetRequestModifications(
|
||||||
rx.DeleteOutgoingCookies(),
|
//rx.DeleteOutgoingCookies(),
|
||||||
//rx.RequestArchiveIs(),
|
//rx.RequestArchiveIs(),
|
||||||
rx.MasqueradeAsGoogleBot(),
|
rx.MasqueradeAsGoogleBot(),
|
||||||
).
|
).
|
||||||
AddResponseModifications(
|
AddResponseModifications(
|
||||||
tx.DeleteIncomingCookies(),
|
//tx.DeleteIncomingCookies(),
|
||||||
tx.RewriteHTMLResourceURLs(),
|
tx.RewriteHTMLResourceURLs(),
|
||||||
|
tx.BypassCORS(),
|
||||||
|
tx.BypassContentSecurityPolicy(),
|
||||||
).
|
).
|
||||||
Execute()
|
Execute()
|
||||||
|
|
||||||
|
|||||||
@@ -261,6 +261,22 @@ func reconstructUrlFromReferer(referer *url.URL, relativeUrl *url.URL) (*url.URL
|
|||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// prevents calls like: http://localhost:8080/http://localhost:8080
|
||||||
|
func preventRecursiveProxyRequest(urlQuery *url.URL, baseProxyURL string) *url.URL {
|
||||||
|
u := urlQuery.String()
|
||||||
|
isRecursive := strings.HasPrefix(u, baseProxyURL) || u == baseProxyURL
|
||||||
|
if !isRecursive {
|
||||||
|
return urlQuery
|
||||||
|
}
|
||||||
|
|
||||||
|
fixedURL, err := url.Parse(strings.TrimPrefix(strings.TrimPrefix(urlQuery.String(), baseProxyURL), "/"))
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("proxychain: failed to fix recursive request: '%s' -> '%s\n'", baseProxyURL, u)
|
||||||
|
return urlQuery
|
||||||
|
}
|
||||||
|
return preventRecursiveProxyRequest(fixedURL, baseProxyURL)
|
||||||
|
}
|
||||||
|
|
||||||
// extractUrl extracts a URL from the request ctx. If the URL in the request
|
// extractUrl extracts a URL from the request ctx. If the URL in the request
|
||||||
// is a relative path, it reconstructs the full URL using the referer header.
|
// is a relative path, it reconstructs the full URL using the referer header.
|
||||||
func (chain *ProxyChain) extractUrl() (*url.URL, error) {
|
func (chain *ProxyChain) extractUrl() (*url.URL, error) {
|
||||||
@@ -284,6 +300,11 @@ func (chain *ProxyChain) extractUrl() (*url.URL, error) {
|
|||||||
return nil, fmt.Errorf("error parsing request URL '%s': %v", reqUrl, err)
|
return nil, fmt.Errorf("error parsing request URL '%s': %v", reqUrl, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// prevent recursive proxy requests
|
||||||
|
fullURL := chain.Context.Request().URI()
|
||||||
|
proxyURL := fmt.Sprintf("%s://%s", fullURL.Scheme(), fullURL.Host())
|
||||||
|
urlQuery = preventRecursiveProxyRequest(urlQuery, proxyURL)
|
||||||
|
|
||||||
// Handle standard paths
|
// Handle standard paths
|
||||||
// eg: https://localhost:8080/https://realsite.com/images/foobar.jpg -> https://realsite.com/images/foobar.jpg
|
// eg: https://localhost:8080/https://realsite.com/images/foobar.jpg -> https://realsite.com/images/foobar.jpg
|
||||||
isRelativePath := urlQuery.Scheme == ""
|
isRelativePath := urlQuery.Scheme == ""
|
||||||
|
|||||||
Reference in New Issue
Block a user