Skip to content

Commit 2fce169

Browse files
pi0pi0
committed
fix(getRequestURL): make x-forwarded-host support opt-in
1 parent b5d2972 commit 2fce169

File tree

2 files changed

+30
-9
lines changed

2 files changed

+30
-9
lines changed

Diff for: src/utils/request.ts

+26-8
Original file line numberDiff line numberDiff line change
@@ -85,16 +85,31 @@ export function getRequestHeader(
8585

8686
export const getHeader = getRequestHeader;
8787

88-
export function getRequestHost(event: H3Event) {
89-
const xForwardedHost = event.node.req.headers["x-forwarded-host"] as string;
90-
if (xForwardedHost) {
91-
return xForwardedHost;
88+
interface XForwaredOptions {
89+
respectXForwarded?: boolean;
90+
}
91+
92+
export function getRequestHost(
93+
event: H3Event,
94+
opts: { xForwardedHost?: boolean } = {}
95+
) {
96+
if (opts.xForwardedHost) {
97+
const xForwardedHost = event.node.req.headers["x-forwarded-host"] as string;
98+
if (xForwardedHost) {
99+
return xForwardedHost;
100+
}
92101
}
93102
return event.node.req.headers.host || "localhost";
94103
}
95104

96-
export function getRequestProtocol(event: H3Event) {
97-
if (event.node.req.headers["x-forwarded-proto"] === "https") {
105+
export function getRequestProtocol(
106+
event: H3Event,
107+
opts: { xForwardedProto?: boolean } = {}
108+
) {
109+
if (
110+
opts.xForwardedProto !== false &&
111+
event.node.req.headers["x-forwarded-proto"] === "https"
112+
) {
98113
return "https";
99114
}
100115
return (event.node.req.connection as any).encrypted ? "https" : "http";
@@ -107,8 +122,11 @@ export function getRequestPath(event: H3Event) {
107122
return path;
108123
}
109124

110-
export function getRequestURL(event: H3Event) {
111-
const host = getRequestHost(event);
125+
export function getRequestURL(
126+
event: H3Event,
127+
opts: { xForwardedHost?: boolean; xForwardedProto?: boolean } = {}
128+
) {
129+
const host = getRequestHost(event, opts);
112130
const protocol = getRequestProtocol(event);
113131
const path = getRequestPath(event);
114132
return new URL(path, `${protocol}://${host}`);

Diff for: test/utils.test.ts

+4-1
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,10 @@ describe("", () => {
121121
app.use(
122122
"/",
123123
eventHandler((event) => {
124-
const url = getRequestURL(event);
124+
const url = getRequestURL(event, {
125+
xForwardedProto: true,
126+
xForwardedHost: true,
127+
});
125128
// @ts-ignore
126129
url.port = 80;
127130
return url;

0 commit comments

Comments
 (0)