huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add ignored http headers to SpaProxy (#16863) 

* Add ignored http headers to SpaProxy

* Remove `cookie` header from NotForwardedHttpHeaders
This commit is contained in:
Christopher Haws 2019-11-10 16:06:14 -08:00 committed by Artak
parent 909f1d368f
commit 4eebc166bf
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Middleware/SpaServices.Extensions/src/Proxying/SpaProxy.cs
View File

@ -22,6 +22,9 @@ namespace Microsoft.AspNetCore.SpaServices.Extensions.Proxy
private const int DefaultWebSocketBufferSize = 4096; private const int DefaultWebSocketBufferSize = 4096;
private const int StreamCopyBufferSize = 81920; private const int StreamCopyBufferSize = 81920;
// https://github.com/aspnet/AspNetCore/issues/16797
private static readonly string[] NotForwardedHttpHeaders = new[] { "Connection" };
// Don't forward User-Agent/Accept because of https://github.com/aspnet/JavaScriptServices/issues/1469 // Don't forward User-Agent/Accept because of https://github.com/aspnet/JavaScriptServices/issues/1469
// Others just aren't applicable in proxy scenarios // Others just aren't applicable in proxy scenarios
private static readonly string[] NotForwardedWebSocketHeaders = new[] { "Accept", "Connection", "Host", "User-Agent", "Upgrade", "Sec-WebSocket-Key", "Sec-WebSocket-Version" }; private static readonly string[] NotForwardedWebSocketHeaders = new[] { "Accept", "Connection", "Host", "User-Agent", "Upgrade", "Sec-WebSocket-Key", "Sec-WebSocket-Version" };
@ -132,6 +135,11 @@ namespace Microsoft.AspNetCore.SpaServices.Extensions.Proxy
// Copy the request headers // Copy the request headers
foreach (var header in request.Headers) foreach (var header in request.Headers)
{ {
if (NotForwardedHttpHeaders.Contains(header.Key, StringComparer.OrdinalIgnoreCase))
{
continue;
}
if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()) && requestMessage.Content != null) if (!requestMessage.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()) && requestMessage.Content != null)
{ {
requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray()); requestMessage.Content?.Headers.TryAddWithoutValidation(header.Key, header.Value.ToArray());