1 Star 0 Fork 0

东海苍月/traefik

加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
克隆/下载
header_rewriter.go 1.42 KB
一键复制 编辑 原始数据 按行查看 历史
package server
import (
"net/http"
"os"
"github.com/containous/traefik/log"
"github.com/containous/traefik/whitelist"
"github.com/vulcand/oxy/forward"
"github.com/vulcand/oxy/utils"
)
const (
xForwardedURI = "X-Forwarded-Uri"
xForwardedMethod = "X-Forwarded-Method"
)
// NewHeaderRewriter Create a header rewriter
func NewHeaderRewriter(trustedIPs []string, insecure bool) (forward.ReqRewriter, error) {
ips, err := whitelist.NewIP(trustedIPs, insecure, true)
if err != nil {
return nil, err
}
hostname, err := os.Hostname()
if err != nil {
hostname = "localhost"
}
return &headerRewriter{
secureRewriter: &forward.HeaderRewriter{TrustForwardHeader: false, Hostname: hostname},
insecureRewriter: &forward.HeaderRewriter{TrustForwardHeader: true, Hostname: hostname},
ips: ips,
insecure: insecure,
}, nil
}
type headerRewriter struct {
secureRewriter forward.ReqRewriter
insecureRewriter forward.ReqRewriter
insecure bool
ips *whitelist.IP
}
func (h *headerRewriter) Rewrite(req *http.Request) {
if h.insecure {
h.insecureRewriter.Rewrite(req)
return
}
err := h.ips.IsAuthorized(req)
if err != nil {
log.Debug(err)
// Remove additional X-Forwarded Headers which are used by the forward authentication
utils.RemoveHeaders(req.Header, xForwardedURI, xForwardedMethod)
h.secureRewriter.Rewrite(req)
return
}
h.insecureRewriter.Rewrite(req)
}
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/dhcy/traefik.git
git@gitee.com:dhcy/traefik.git
dhcy
traefik
traefik
v1.7.14

搜索帮助