Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proxy in 0.14.5 is broken #104

Closed
Deathspike opened this issue Jan 9, 2015 · 4 comments
Closed

Proxy in 0.14.5 is broken #104

Deathspike opened this issue Jan 9, 2015 · 4 comments
Labels
bug
Milestone
User Support

Comments

@Deathspike
Copy link

The proxy middleware has broken down going from 0.14.4 to 0.14.5. It seems like the host header is not set correctly. You can test this on any site that serves sites depending on the host header (e.g. almost every site on a shared host).

Probably because delete req.headers.host; was dropped as well in that patch?
@Deathspike
Copy link
Author

To confirm, yes putting delete req.headers.host; above req.url = url; (https://github.com/phonegap/connect-phonegap/blob/master/lib/middleware/proxy.js#L34) fixes the problem.

A pull request seems a little overkill for this one-line patch :-)

mwbrooks added a commit that referenced this issue Jan 10, 2015
@mwbrooks
[#104] Fix the host header for proxied requests.
ca51ca3
@mwbrooks
Copy link
Collaborator

Hi @Deathspike,

Thanks for catching this issue so quickly! I've published a patch to help you out. However, could you provide me with a real-world example that I can use to test the issue? Currently, we don't have a test case to catch this scenario and I'm unsure how to structure it.

Published connect-phonegap@0.14.6
Published phonegap@4.1.2-0.22.12

Thanks!
Michael

@mwbrooks mwbrooks added the bug label Jan 10, 2015
@Deathspike
Copy link
Author

Sure!

There are many sites that require a valid host header to route into the correct application, and won't work while approached with an incorrect host header or by IP. IIS, Apache and nginx tend to route this way by default. For example, the ASP.NET site runs on http://www.asp.net/ and the equivalent IP at the moment is 168.62.43.5. Go to http://168.62.43.5/ and it won't show the site. Request with an incorrect header, or missing header, and you get a different site too. Here is the same thing as a proxy script:

var http = require('http'),
    httpProxy = require('http-proxy'),
    proxy = httpProxy.createProxyServer({});

http.createServer(function(req, res) {
    // delete req.headers.host;
    proxy.web(req, res, { target: 'http://www.asp.net/' });
}).listen(3000);

Note that when the delete is uncommented, you won't see the site. Otherwise you will. I can create a full test with a local server that requires a correct host header if you desire, please let me know :)

@mwbrooks mwbrooks added this to the Backlog milestone Sep 16, 2015
@mwbrooks mwbrooks modified the milestones: Backlog, User Support May 30, 2016
@filmaj
Copy link
Collaborator

filmaj commented Apr 24, 2017

This is resolved. I am closing it.

@filmaj filmaj closed this as completed Apr 24, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Milestone
User Support
Development

No branches or pull requests
3 participants
@mwbrooks @filmaj @Deathspike