diff --git a/middlewear/middlewear.go b/middlewear/middlewear.go index 29f3db02..e277198b 100644 --- a/middlewear/middlewear.go +++ b/middlewear/middlewear.go @@ -3,6 +3,7 @@ package middlewear import ( "fmt" "net/http" + "strings" "github.com/Sirupsen/logrus" "github.com/dropbox/godropbox/errors" @@ -315,7 +316,7 @@ func CsrfToken(c *gin.Context) { } token := "" - if c.Request.Header.Get("Upgrade") == "websocket" { + if strings.ToLower(c.Request.Header.Get("Upgrade")) == "websocket" { token = c.Query("csrf_token") } else { token = c.Request.Header.Get("Csrf-Token") diff --git a/phandlers/redirect.go b/phandlers/redirect.go index fe527148..d18b7e40 100644 --- a/phandlers/redirect.go +++ b/phandlers/redirect.go @@ -3,12 +3,13 @@ package phandlers import ( "fmt" "net/url" + "strings" "github.com/gin-gonic/gin" ) func redirect(c *gin.Context) { - if c.Request.Header.Get("Upgrade") == "websocket" { + if strings.ToLower(c.Request.Header.Get("Upgrade")) == "websocket" { c.AbortWithStatus(404) } else { c.Redirect(302, fmt.Sprintf("/?redirect_url=%s", diff --git a/proxy/proxy.go b/proxy/proxy.go index 243eda2e..eda4ed19 100644 --- a/proxy/proxy.go +++ b/proxy/proxy.go @@ -6,6 +6,7 @@ import ( "math/rand" "net" "net/http" + "strings" "time" "github.com/Sirupsen/logrus" @@ -114,7 +115,8 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) bool { for _, network := range host.WhitelistNetworks { if network.Contains(clientIp) { if wsProxies != nil && wsLen > 0 && - r.Header.Get("Upgrade") == "websocket" { + strings.ToLower( + r.Header.Get("Upgrade")) == "websocket" { wsProxies[rand.Intn(wsLen)].ServeHTTP( w, r, db, authorizer.NewProxy(nil)) @@ -229,7 +231,7 @@ func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) bool { return false } - if wsLen == 0 && r.Header.Get("Upgrade") == "websocket" { + if wsLen == 0 && strings.ToLower(r.Header.Get("Upgrade")) == "websocket" { wsProxies[rand.Intn(wsLen)].ServeHTTP(w, r, db, authr) return true }