Commit aa14a69f authored by Kostas Papadimitriou's avatar Kostas Papadimitriou
Browse files

snf-django: Improve headers handling in common proxy util

- Avoid proxying Connection, Host and Cookie headers
- Cleanup non headers keys (e.g. wsgi.*)
- Set X-Forwarded-For header
parent a3250f82
......@@ -40,6 +40,13 @@ from .utils import fix_header, forward_header
import urllib
import urlparse
# We use proxy to delegate requests to another domain. Sending host specific
# headers (Host, Cookie) may cause confusion to the server we proxy to.
#
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.10
# Connection and MUST NOT be communicated by proxies over further connections
EXCLUDE_HEADERS = ['Host', 'Cookie', 'Connection']
def proxy(request, target):
kwargs = {}
......@@ -49,6 +56,20 @@ def proxy(request, target):
filter(lambda (k, v): forward_header(k),
request.META.iteritems())))
# set X-Forwarded-For, if already set, pass it through, otherwise set it
# to the current request remote address
SOURCE_IP = request.META.get('REMOTE_ADDR', None)
if SOURCE_IP and not 'X-Forwarded-For' in headers:
headers['X-Forwarded-For'] = SOURCE_IP
# request.META remains cleanup
for k in headers.keys():
if '_' in k:
headers.pop(k)
for k in EXCLUDE_HEADERS:
headers.pop(k, None)
kwargs['headers'] = headers
kwargs['body'] = request.raw_post_data
......
......@@ -38,10 +38,9 @@ def fix_header(k, v):
prefix = 'HTTP_'
if k.startswith(prefix):
k = k[len(prefix):].title().replace('_', '-')
elif k in ('CONTENT_TYPE', 'CONTENT_LENGTH'):
k = k.replace('_', '-')
return k, v
def forward_header(k):
return k.lower() != "HOST" and not is_hop_by_hop(k)
return k.upper() not in ['HOST', 'CONTENT_LENGTH', 'CONTENT_TYPE'] and \
not is_hop_by_hop(k) and not '.' in k
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment