Skip to content

Commit

Permalink
Lowercase upgrade header value
Browse files Browse the repository at this point in the history
  • Loading branch information
@zachhuff386
zachhuff386 committed Jun 16, 2020
1 parent 6a1a8ba commit 0cbb6e8
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 4 deletions.
3 changes: 2 additions & 1 deletion middlewear/middlewear.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ package middlewear
import (
"fmt"
"net/http"
"strings"

"github.com/Sirupsen/logrus"
"github.com/dropbox/godropbox/errors"
Expand Down Expand Up @@ -315,7 +316,7 @@ func CsrfToken(c *gin.Context) {
}

token := ""
if c.Request.Header.Get("Upgrade") == "websocket" {
if strings.ToLower(c.Request.Header.Get("Upgrade")) == "websocket" {
token = c.Query("csrf_token")
} else {
token = c.Request.Header.Get("Csrf-Token")
Expand Down
3 changes: 2 additions & 1 deletion phandlers/redirect.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,12 +3,13 @@ package phandlers
import (
"fmt"
"net/url"
"strings"

"github.com/gin-gonic/gin"
)

func redirect(c *gin.Context) {
if c.Request.Header.Get("Upgrade") == "websocket" {
if strings.ToLower(c.Request.Header.Get("Upgrade")) == "websocket" {
c.AbortWithStatus(404)
} else {
c.Redirect(302, fmt.Sprintf("/?redirect_url=%s",
Expand Down
6 changes: 4 additions & 2 deletions proxy/proxy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"math/rand"
"net"
"net/http"
"strings"
"time"

"github.com/Sirupsen/logrus"
Expand Down Expand Up @@ -114,7 +115,8 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) bool {
for _, network := range host.WhitelistNetworks {
if network.Contains(clientIp) {
if wsProxies != nil && wsLen > 0 &&
r.Header.Get("Upgrade") == "websocket" {
strings.ToLower(
r.Header.Get("Upgrade")) == "websocket" {

wsProxies[rand.Intn(wsLen)].ServeHTTP(
w, r, db, authorizer.NewProxy(nil))
Expand Down Expand Up @@ -229,7 +231,7 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) bool {
return false
}

if wsLen == 0 && r.Header.Get("Upgrade") == "websocket" {
if wsLen == 0 && strings.ToLower(r.Header.Get("Upgrade")) == "websocket" {
wsProxies[rand.Intn(wsLen)].ServeHTTP(w, r, db, authr)
return true
}
Expand Down

0 comments on commit 0cbb6e8

Please sign in to comment.