Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 | 3x 3x 3x 3x 3x 3x 3x 3x 3x 37x 510x 510x 294x 294x 73x 37x 36x 257x 510x 3x 12x 3x 35x 35x 68x 7x 61x 9x 6x 3x 9x 52x 35x 25x 25x 25x 3x 25x 3x 25x 25x 25x 25x 23x 25x 68x 510x 1890x | import * as http from 'http'
import { HttpRequest, HttpRequestHeaders, HttpResponseHeaders, Logger } from '@azure/functions'
import { updateCacheControlHeader } from './cacheControl'
import { filterCookie } from './cookies'
import { stripPort } from './ip'
const CACHE_CONTROL_HEADER_NAME = 'cache-control'
const FPJS_COOKIE_NAME = '_iidt'
// Azure specific headers
const BLACKLISTED_HEADERS_PREFIXES = ['x-edge-', 'x-arr-', 'x-site', 'x-azure-']
const BLACKLISTED_REQUEST_HEADERS = new Set(['host', 'strict-transport-security'])
const BLACKLISTED_RESPONSE_HEADERS = new Set(['strict-transport-security', 'transfer-encoding'])
export function filterRequestHeaders(headers: HttpRequestHeaders) {
return Object.entries(headers).reduce((result: { [key: string]: string }, [name, value]) => {
const headerName = name.toLowerCase()
if (isHeaderAllowedForRequest(headerName)) {
let headerValue = value
if (headerName === 'cookie') {
headerValue = filterCookie(headerValue, (key) => key === FPJS_COOKIE_NAME)
// Only set cookie header if there are relevant cookies
if (headerValue) {
result[headerName] = headerValue
}
} else {
result[headerName] = headerValue
}
}
return result
}, {})
}
export const updateResponseHeadersForAgentDownload = (headers: http.IncomingHttpHeaders) =>
updateResponseHeaders(headers, true)
export function updateResponseHeaders(
headers: http.IncomingHttpHeaders,
overrideCacheControl = false
): HttpResponseHeaders {
const result: HttpResponseHeaders = {}
for (const [key, value] of Object.entries(headers)) {
if (!isHeaderAllowedForResponse(key) || !value) {
continue
}
switch (key) {
case CACHE_CONTROL_HEADER_NAME: {
if (overrideCacheControl) {
result[CACHE_CONTROL_HEADER_NAME] = updateCacheControlHeader(value.toString())
} else {
result[key] = value.toString()
}
break
}
default:
result[key] = value.toString()
}
}
return result
}
function resolveClientIp(request: HttpRequest, logger?: Logger) {
const clientIp = request.headers['x-azure-socketip'] || ''
logger?.verbose('Client IP resolved', {
clientIp,
})
return stripPort(clientIp)
}
export function getHost(request: Pick<HttpRequest, 'headers' | 'url'>) {
return request.headers['x-forwarded-host'] || new URL(request.url).hostname
}
export function prepareHeadersForIngressAPI(request: HttpRequest, preSharedSecret?: string, logger?: Logger) {
const headers = filterRequestHeaders(request.headers)
headers['fpjs-proxy-client-ip'] = resolveClientIp(request, logger)
headers['fpjs-proxy-forwarded-host'] = getHost(request)
if (preSharedSecret) {
headers['fpjs-proxy-secret'] = preSharedSecret
}
return headers
}
function isHeaderAllowedForResponse(headerName: string) {
return !BLACKLISTED_RESPONSE_HEADERS.has(headerName) && !matchesBlacklistedHeaderPrefix(headerName)
}
function isHeaderAllowedForRequest(headerName: string) {
return !BLACKLISTED_REQUEST_HEADERS.has(headerName) && !matchesBlacklistedHeaderPrefix(headerName)
}
function matchesBlacklistedHeaderPrefix(headerName: string) {
return BLACKLISTED_HEADERS_PREFIXES.some((prefix) => headerName.startsWith(prefix))
}
|