Fix cloudflarePriorityIgnore

- Now, only if the header being processed is the "priority" header, the cloudflarePriorityIgnore function is called, solving problems with that header injected by CF
- we make the check with regex now.
pull/851/head
Gustavo de León 2023-09-03 18:55:57 -06:00
parent 30a913c05c
commit 85740d810b
No known key found for this signature in database
GPG Key ID: 5D94C6D38A5368AD
1 changed files with 14 additions and 12 deletions

View File

@ -9,7 +9,7 @@ import (
"net/http" "net/http"
"net/netip" "net/netip"
"strings" "strings"
/*"regexp"*/ "regexp"
) )
var mimeDecoder mime.WordDecoder var mimeDecoder mime.WordDecoder
@ -51,7 +51,7 @@ func readParam(r *http.Request, names ...string) string {
func readHeaderParam(r *http.Request, names ...string) string { func readHeaderParam(r *http.Request, names ...string) string {
for _, name := range names { for _, name := range names {
value := maybeDecodeHeader(r.Header.Get(name)) value := maybeDecodeHeader(r.Header.Get(name), name)
if value != "" { if value != "" {
return strings.TrimSpace(value) return strings.TrimSpace(value)
} }
@ -127,12 +127,19 @@ func fromContext[T any](r *http.Request, key contextKey) (T, error) {
return t, nil return t, nil
} }
func maybeDecodeHeader(header string) string { func maybeDecodeHeader(header string, name string) string {
decoded, err := mimeDecoder.DecodeHeader(header) decoded, err := mimeDecoder.DecodeHeader(header)
if err != nil { if err != nil {
if name == "priority"{
return cloudflarePriorityIgnore(header) return cloudflarePriorityIgnore(header)
} }
return header
}
if name == "priority"{
return cloudflarePriorityIgnore(decoded) return cloudflarePriorityIgnore(decoded)
}
return decoded
} }
// Ignore new HTTP Priority header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority) // Ignore new HTTP Priority header (see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-priority)
@ -140,15 +147,10 @@ func maybeDecodeHeader(header string) string {
// If the Priority header is set to "u=*, i" or "u=*" (by cloudflare), the header will be ignored. // If the Priority header is set to "u=*, i" or "u=*" (by cloudflare), the header will be ignored.
// And continue searching for another header (x-priority, prio, p) or in the Query parameters. // And continue searching for another header (x-priority, prio, p) or in the Query parameters.
func cloudflarePriorityIgnore(value string) string { func cloudflarePriorityIgnore(value string) string {
if strings.HasPrefix(value, "u=") { pattern := `^u=\d,\s(i|\d)$|^u=\d$`
return ""
}
// The same but with regex
/* pattern := `^u=\d+\s*,\s*i|u=\d+$`
regex := regexp.MustCompile(pattern) regex := regexp.MustCompile(pattern)
if regex.MatchString(value) { if regex.MatchString(value) {
return "" return ""
} */ }
return value return value
} }