acme and redirection patch

+ Added experimental fix for redirection tailing problem
+ Added acme widget for first time users to setup https
This commit is contained in:
Toby Chui 2023-07-06 11:01:33 +08:00
parent 2f14d6f271
commit 36b17ce4cf
8 changed files with 45 additions and 17 deletions

View File

@ -98,6 +98,10 @@ func isLocalhostListening() (isListening bool, err error) {
conn.Close()
}
if isListening {
return true, nil
}
return isListening, err
}

View File

@ -357,11 +357,6 @@ func (p *ReverseProxy) ProxyHTTP(rw http.ResponseWriter, req *http.Request, rrr
//Custom header rewriter functions
if res.Header.Get("Location") != "" {
/*
fmt.Println(">>> REQ", req)
fmt.Println(">>> OUTR", outreq)
fmt.Println(">>> RESP", res)
*/
locationRewrite := res.Header.Get("Location")
originLocation := res.Header.Get("Location")
res.Header.Set("zr-origin-location", originLocation)
@ -369,12 +364,10 @@ func (p *ReverseProxy) ProxyHTTP(rw http.ResponseWriter, req *http.Request, rrr
if strings.HasPrefix(originLocation, "http://") || strings.HasPrefix(originLocation, "https://") {
//Full path
//Replace the forwarded target with expected Host
lr, err := replaceLocationHost(locationRewrite, rrr.OriginalHost, req.TLS != nil)
lr, err := replaceLocationHost(locationRewrite, rrr, req.TLS != nil)
if err == nil {
locationRewrite = lr
}
//locationRewrite = strings.ReplaceAll(locationRewrite, rrr.ProxyDomain, rrr.OriginalHost)
//locationRewrite = strings.ReplaceAll(locationRewrite, domainWithoutPort, rrr.OriginalHost)
} else if strings.HasPrefix(originLocation, "/") && rrr.PathPrefix != "" {
//Back to the root of this proxy object
//fmt.Println(rrr.ProxyDomain, rrr.OriginalHost)
@ -387,6 +380,7 @@ func (p *ReverseProxy) ProxyHTTP(rw http.ResponseWriter, req *http.Request, rrr
//Custom redirection to this rproxy relative path
res.Header.Set("Location", locationRewrite)
}
// Copy header from response to client.
copyHeader(rw.Header(), res.Header)

View File

@ -2,20 +2,45 @@ package dpcore
import (
"net/url"
"strings"
)
func replaceLocationHost(urlString string, newHost string, useTLS bool) (string, error) {
// replaceLocationHost rewrite the backend server's location header to a new URL based on the given proxy rules
// If you have issues with tailing slash, you can try to fix them here (and remember to PR :D )
func replaceLocationHost(urlString string, rrr *ResponseRewriteRuleSet, useTLS bool) (string, error) {
u, err := url.Parse(urlString)
if err != nil {
return "", err
}
//Update the schemetic if the proxying target is http
//but exposed as https to the internet via Zoraxy
if useTLS {
u.Scheme = "https"
} else {
u.Scheme = "http"
}
u.Host = newHost
u.Host = rrr.OriginalHost
if strings.Contains(rrr.ProxyDomain, "/") {
//The proxy domain itself seems contain subpath.
//Trim it off from Location header to prevent URL segment duplicate
//E.g. Proxy config: blog.example.com -> example.com/blog
//Location Header: /blog/post?id=1
//Expected Location Header send to client:
// blog.example.com/post?id=1 instead of blog.example.com/blog/post?id=1
ProxyDomainURL := "http://" + rrr.ProxyDomain
if rrr.UseTLS {
ProxyDomainURL = "https://" + rrr.ProxyDomain
}
ru, err := url.Parse(ProxyDomainURL)
if err == nil {
//Trim off the subpath
u.Path = strings.TrimPrefix(u.Path, ru.Path)
}
}
return u.String(), nil
}

View File

@ -95,6 +95,7 @@ func (h *ProxyHandler) subdomainRequest(w http.ResponseWriter, r *http.Request,
UseTLS: target.RequireTLS,
PathPrefix: "",
})
var dnsError *net.DNSError
if err != nil {
if errors.As(err, &dnsError) {

View File

@ -28,10 +28,7 @@ func (t *RuleTable) HandleRedirect(w http.ResponseWriter, r *http.Request) int {
rr := t.MatchRedirectRule(requestPath)
if rr != nil {
redirectTarget := rr.TargetURL
//Always pad a / at the back of the target URL
if redirectTarget[len(redirectTarget)-1:] != "/" {
redirectTarget += "/"
}
if rr.ForwardChildpath {
//Remove the first / in the path
redirectTarget += strings.TrimPrefix(r.URL.Path, "/")

View File

@ -39,7 +39,7 @@
<div class="field">
<label>Destination URL (To)</label>
<input type="text" name="destination-url" placeholder="Destination URL">
<small><i class="ui circle info icon"></i> The target URL request being redirected to, e.g. dest.example.com/mysite</small>
<small><i class="ui circle info icon"></i> The target URL request being redirected to, e.g. dest.example.com/mysite/ or dest.example.com/script.php, <b>sometime you might need to add tailing slash (/) to your URL depending on your use cases</b></small>
</div>
<div class="field">
<div class="ui checkbox">

View File

@ -115,7 +115,8 @@
</div>
<button id="obtainButton" class="ui basic button" type="submit"><i class="yellow refresh icon"></i> Renew Certificate</button>
</div>
<div class="ui divider"></div>
<small>First time setting up HTTPS?<br>Try out our <a href="../tools/https.html" target="_blank">wizard</a></small>
<button class="ui basic button" style="float: right;" onclick="parent.hideSideWrapper();"><i class="remove icon"></i> Cancel</button>
<br><br><br><br>
</div>

View File

@ -21,6 +21,11 @@
<div class="ui container">
<div class="ui yellow message">
This Wizard require both client and server connected to the internet.
<br><b>
As different deployment methods might involve different network environment,
this wizard is only provided for assistant and the correctness of the setup is not guaranteed.
If you need to verify your TLS/SSL certificate installation is valid, please seek help
from IT professionals.</b>
</div>
<div class="ui segment">
<h3 class="ui header">
@ -114,7 +119,8 @@
</div>
</div>
<script>
$(".dropdown").dropdown();
function checkIfInputDomainIsMultiple(){
var inputDomains = $("#domainsInput").val();
if (inputDomains.includes(",")){