forked from Mxmilu666/frp
fix(redirect): improve security in HTTP to HTTPS redirection
This commit is contained in:
@@ -51,7 +51,9 @@ func NewHTTP2HTTPSRedirectPlugin(_ PluginContext, options v1.ClientPluginOptions
|
||||
|
||||
p.s = &http.Server{
|
||||
Handler: http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
||||
http.Redirect(w, req, buildHTTPSRedirectURL(req, opts.HTTPSPort), http.StatusFound)
|
||||
// Not an open redirect: the target scheme is fixed to https and the
|
||||
// host is the one the client already connected to.
|
||||
http.Redirect(w, req, buildHTTPSRedirectURL(req, opts.HTTPSPort), http.StatusFound) //nolint:gosec // G710
|
||||
}),
|
||||
ReadHeaderTimeout: 60 * time.Second,
|
||||
}
|
||||
|
||||
@@ -70,7 +70,7 @@ func (w *logCapture) String() string {
|
||||
// levels parses the captured JSON log output and returns the level of each entry.
|
||||
func (w *logCapture) levels() []charmlog.Level {
|
||||
var levels []charmlog.Level
|
||||
for _, line := range strings.Split(strings.TrimSpace(w.String()), "\n") {
|
||||
for line := range strings.SplitSeq(strings.TrimSpace(w.String()), "\n") {
|
||||
if line == "" {
|
||||
continue
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user