-
Notifications
You must be signed in to change notification settings - Fork 10k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for x-forwarded-prefix #23263
Comments
I've extended HttpOverride with this functionality https://github.com/ProxyKit/HttpOverrides |
I did not get any pathbase headers and added it manually. Is this due to the PathRemovePrefix transform that i had to added it manually like below?
|
@pksorensen let's keep YARP questions over at https://github.com/microsoft/reverse-proxy/.
Your transforms look fine for your scenario. |
@Tratcher I've been trying to get this to work myself and from searching it seems the more common header name used across other frameworks is Also if anyone else comes across this, I got this working (for my needs anyways) with the below code as I don't see any support from MS for it yet. app.Use(async (context, next) =>
{
if (context.Request.Headers.TryGetValue("X-Forwarded-PathBase", out var pathBase))
{
context.Request.PathBase = pathBase.Last();
if (context.Request.Path.StartsWithSegments(context.Request.PathBase, out var path))
{
context.Request.Path = path;
}
}
await next();
}); |
@krispenner can you give some references for that? Searching, I see a number of questions about it but very few actually supporting it. |
Hi @Tratcher, here are some of the examples I found and I could list another 10 if I kept going. There is obviously no standard for this yet, but I'm only suggesting using the
|
@krispenner thanks, that's a good list. I filed a matching issue for YARP. |
This should probably happen in 6.0 otherwise one is looking at significant amount of time before it's in an LTS release and won't be aligned with YARP |
I see kong sets |
Thanks for contacting us. We're moving this issue to the |
It seams to me that it should be quite straightforward to use the existing pattern in ForwardedHeadersMiddleware and also set PathBase based on the X-Forwarded-Prefix header, unless I have misunderstood something. Will you accept a PR for this even if this issue does not have the help-wanted label? |
Sure, give it a try. FYI this will need a fair number of tests, like path encoding, replacing an exisitng PathBase, etc. |
As requested by @adityamandaleeka in #49249 here are the proposed api changes for this feature. namespace Microsoft.AspNetCore.HttpOverrides
{
[Flags]
public enum ForwardedHeaders
{
+ XForwardedPrefix = 1 << 3,
- All = XForwardedFor | XForwardedHost | XForwardedProto
+ All = XForwardedFor | XForwardedHost | XForwardedProto | XForwardedPrefix
}
public static class ForwardedHeadersDefaults
{
+ public static string XForwardedPrefixHeaderName { get; } = "X-Forwarded-Prefix";
+ public static string XOriginalPrefixHeaderName { get; } = "X-Original-Prefix";
}
}
namespace Microsoft.AspNetCore.Builder
{
public class ForwardedHeadersOptions
{
+ public string ForwardedPrefixHeaderName { get; set; } = ForwardedHeadersDefaults.XForwardedPrefixHeaderName;
+ public string OriginalPrefixHeaderName { get; set; } = ForwardedHeadersDefaults.XOriginalPrefixHeaderName;
}
} It occurred to me also that the expanded definition of ForwardedHeaders.All in combination with RequireHeaderSymmetry can be a breaking change when the X-Forwarded-Prefix header is not included in the http request. So not sure anymore if ForwardedHeaders.All should be expanded. Is this an acceptable breaking change? Maybe it's enough to mention it in the release notes since the workaround is to just use the individual flags you need? It would be very strange if ForwardedHeaders.All did not include all flags. |
Thank you for submitting this for API review. This will be reviewed by @dotnet/aspnet-api-review at the next meeting of the ASP.NET Core API Review group. Please ensure you take a look at the API review process documentation and ensure that:
|
API Review Notes:
API Approved! namespace Microsoft.AspNetCore.HttpOverrides
{
[Flags]
public enum ForwardedHeaders
{
+ XForwardedPrefix = 1 << 3,
- All = XForwardedFor | XForwardedHost | XForwardedProto
+ All = XForwardedFor | XForwardedHost | XForwardedProto | XForwardedPrefix
}
public static class ForwardedHeadersDefaults
{
+ public static string XForwardedPrefixHeaderName { get; } = "X-Forwarded-Prefix";
+ public static string XOriginalPrefixHeaderName { get; } = "X-Original-Prefix";
}
}
namespace Microsoft.AspNetCore.Builder
{
public class ForwardedHeadersOptions
{
+ public string ForwardedPrefixHeaderName { get; set; } = ForwardedHeadersDefaults.XForwardedPrefixHeaderName;
+ public string OriginalPrefixHeaderName { get; set; } = ForwardedHeadersDefaults.XOriginalPrefixHeaderName;
}
} |
microsoft/reverse-proxy#13 (comment)
When requests traverse a reverse proxy it's common to change parts of the url like the scheme (TLS offloading). That information is sent to the app via additional x-forwarded-* headers. The Forwarded Headers middleware reads these headers and fixes up the request fields so that the application can still properly generate links.
One common manipulation that's not currently supported is to Trim the start of the request path and forward that missing information as part the x-forwarded-PathBase header.
Example:
Original url: https://external.com/pathbase/path?query
Transformed request:
http://internal/path?query
x-forwarded-proto: https
x-forwarded-host: external.com
x-forwarded-pathbase: /pathbase
x-forwarded-pathbase is now supported by YARP and enabled by default.
https://microsoft.github.io/reverse-proxy/articles/transforms.html
The text was updated successfully, but these errors were encountered: