Set Forwarded header on proxied requests.

RubenVerborgh · dmitrizagidulin · commit 70f87169576a · 2017-08-10T15:06:34.000-04:00
diff --git a/lib/handlers/auth-proxy.js b/lib/handlers/auth-proxy.js
@@ -26,18 +26,22 @@ function addAuthProxyHandler (app, sourcePath, target) {
   const sourcePathLength = sourcePath.length
   const settings = Object.assign({
     target,
-    onProxyReq: addUserHeader,
-    onProxyReqWs: addUserHeader,
+    onProxyReq: addAuthHeaders,
+    onProxyReqWs: addAuthHeaders,
     pathRewrite: path => path.substr(sourcePathLength)
   }, PROXY_SETTINGS)
 
   // Activate the proxy
   app.use(`${sourcePath}*`, proxy(settings))
 }
 
-// Adds a User header with the user's ID if the user is logged in
-function addUserHeader (proxyReq, req) {
-  if (req.session && req.session.userId) {
-    proxyReq.setHeader('User', req.session.userId)
+// Adds a headers with authentication information
+function addAuthHeaders (proxyReq, req) {
+  const { session = {}, headers = {} } = req
+  if (session.userId) {
+    proxyReq.setHeader('User', session.userId)
+  }
+  if (headers.host) {
+    proxyReq.setHeader('Forwarded', `host=${headers.host}`)
   }
 }
diff --git a/test/unit/auth-proxy.js b/test/unit/auth-proxy.js
@@ -54,6 +54,11 @@ describe('Auth Proxy', () => {
         expect(headers).to.have.property('host', 'server-a.org')
       })
 
+      it('sets the Forwarded header on the proxy request', () => {
+        const { headers } = response.body
+        expect(headers).to.have.property('forwarded', `host=${HOST}`)
+      })
+
       it('returns status code 200', () => {
         expect(response).to.have.property('statusCode', 200)
       })
@@ -83,6 +88,11 @@ describe('Auth Proxy', () => {
         expect(headers).to.have.property('host', 'server-a.org')
       })
 
+      it('sets the Forwarded header on the proxy request', () => {
+        const { headers } = response.body
+        expect(headers).to.have.property('forwarded', `host=${HOST}`)
+      })
+
       it('returns status code 200', () => {
         expect(response).to.have.property('statusCode', 200)
       })
@@ -112,6 +122,11 @@ describe('Auth Proxy', () => {
         expect(headers).to.have.property('host', 'server-b.org')
       })
 
+      it('sets the Forwarded header on the proxy request', () => {
+        const { headers } = response.body
+        expect(headers).to.have.property('forwarded', `host=${HOST}`)
+      })
+
       it('returns status code 200', () => {
         expect(response).to.have.property('statusCode', 200)
       })
@@ -141,6 +156,11 @@ describe('Auth Proxy', () => {
         expect(headers).to.have.property('host', 'server-b.org')
       })
 
+      it('sets the Forwarded header on the proxy request', () => {
+        const { headers } = response.body
+        expect(headers).to.have.property('forwarded', `host=${HOST}`)
+      })
+
       it('returns status code 200', () => {
         expect(response).to.have.property('statusCode', 200)
       })
@@ -174,6 +194,11 @@ describe('Auth Proxy', () => {
         expect(headers).to.have.property('host', 'server-a.org')
       })
 
+      it('sets the Forwarded header on the proxy request', () => {
+        const { headers } = response.body
+        expect(headers).to.have.property('forwarded', `host=${HOST}`)
+      })
+
       it('returns status code 200', () => {
         expect(response).to.have.property('statusCode', 200)
       })
