aboutsummaryrefslogtreecommitdiff
path: root/src/modules/upgrade_insecure.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/upgrade_insecure.rs')
-rw-r--r--src/modules/upgrade_insecure.rs25
1 files changed, 18 insertions, 7 deletions
diff --git a/src/modules/upgrade_insecure.rs b/src/modules/upgrade_insecure.rs
index e284df0..37fc04e 100644
--- a/src/modules/upgrade_insecure.rs
+++ b/src/modules/upgrade_insecure.rs
@@ -7,10 +7,13 @@ use super::{Node, NodeContext, NodeKind, NodeRequest, NodeResponse};
use crate::{config::DynNode, error::ServiceError};
use anyhow::Result;
use futures::Future;
-use http::{uri::Scheme, HeaderValue, Response, StatusCode, Uri};
+use http::{
+ uri::{Authority, Scheme},
+ HeaderValue, Response, StatusCode, Uri,
+};
use http_body_util::BodyExt;
use serde::Deserialize;
-use std::{pin::Pin, sync::Arc};
+use std::{pin::Pin, str::FromStr, sync::Arc};
pub struct UpgradeInsecureKind;
@@ -33,12 +36,20 @@ impl Node for UpgradeInsecure {
request: NodeRequest,
) -> Pin<Box<dyn Future<Output = Result<NodeResponse, ServiceError>> + Send + Sync + 'a>> {
Box::pin(async move {
- if request.headers().contains_key("upgrade-insecure-requests")
- && request.uri().scheme() == Some(&Scheme::HTTP)
- {
+ if request.headers().contains_key("upgrade-insecure-requests") && !context.secure {
let mut parts = http::uri::Parts::default();
- parts.scheme = request.uri().scheme().cloned();
- parts.authority = request.uri().authority().cloned();
+ parts.scheme = Some(Scheme::HTTPS);
+ parts.authority = Some(
+ Authority::from_str(
+ request
+ .headers()
+ .get("host")
+ .ok_or(ServiceError::NoHost)?
+ .to_str()
+ .map_err(|_| ServiceError::InvalidUri)?,
+ )
+ .map_err(|_| ServiceError::InvalidUri)?,
+ );
parts.path_and_query = request.uri().path_and_query().cloned();
let uri = Uri::from_parts(parts).map_err(|_| ServiceError::InvalidUri)?;
generated by cgit v1.2.3-70-g09d2 (git 2.51.0) at 2025-10-07 19:59:12 +0000