Commit fe7e3723 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'sh-avoid-trailing-slash-in-proxy' into 'master'

Omit trailing slash when proxying pre-authorized routes with no suffix

See merge request gitlab-org/gitlab!61638
parents b10f0478 79fc9f2b
---
title: Omit trailing slash when proxying pre-authorized routes with no suffix
merge_request: 61638
author:
type: fixed
...@@ -168,7 +168,10 @@ func singleJoiningSlash(a, b string) string { ...@@ -168,7 +168,10 @@ func singleJoiningSlash(a, b string) string {
// joinURLPath is taken from reverseproxy.go:joinURLPath // joinURLPath is taken from reverseproxy.go:joinURLPath
func joinURLPath(a *url.URL, b string) (path string, rawpath string) { func joinURLPath(a *url.URL, b string) (path string, rawpath string) {
if a.RawPath == "" && b == "" { // Avoid adding a trailing slash if the suffix is empty
if b == "" {
return a.Path, a.RawPath
} else if a.RawPath == "" {
return singleJoiningSlash(a.Path, b), "" return singleJoiningSlash(a.Path, b), ""
} }
......
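Review bot: The comment above joinURLPath still says the function is taken from reverseproxy.go, but the new `if b == ""` branch deliberately departs from that origin, so a later re-sync with the standard library copy could silently bring the trailing slash back. I would reword it along the lines of `// joinURLPath is adapted from reverseproxy.go:joinURLPath; unlike the original, an empty suffix returns a's Path and RawPath unchanged.` Because the first branch returns, the `else` is unnecessary and `if a.RawPath == "" {` can stand as its own statement. The path the upstream sees depends on this function, so the empty-suffix case with a non-empty RawPath is worth a direct unit test if none exists; the rest of the function body lies outside the hunk.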
...@@ -536,7 +536,11 @@ func TestApiContentTypeBlock(t *testing.T) { ...@@ -536,7 +536,11 @@ func TestApiContentTypeBlock(t *testing.T) {
func TestAPIFalsePositivesAreProxied(t *testing.T) { func TestAPIFalsePositivesAreProxied(t *testing.T) {
goodResponse := []byte(`<html></html>`) goodResponse := []byte(`<html></html>`)
ts := testhelper.TestServerWithHandler(regexp.MustCompile(`.`), func(w http.ResponseWriter, r *http.Request) { ts := testhelper.TestServerWithHandler(regexp.MustCompile(`.`), func(w http.ResponseWriter, r *http.Request) {
if r.Header.Get(secret.RequestHeader) != "" && r.Method != "GET" { url := r.URL.String()
if url[len(url)-1] == '/' {
w.WriteHeader(500)
w.Write([]byte("PreAuthorize request included a trailing slash"))
} else if r.Header.Get(secret.RequestHeader) != "" && r.Method != "GET" {
w.WriteHeader(500) w.WriteHeader(500)
w.Write([]byte("non-GET request went through PreAuthorize handler")) w.Write([]byte("non-GET request went through PreAuthorize handler"))
} else { } else {
......
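Review bot: The trailing-slash check in the test handler inspects `r.URL.String()`, which includes the query string, so a request whose path ends in `/` but also carries a query would pass unnoticed, and the index expression `url[len(url)-1]` would panic on an empty string. Checking the path alone is tighter: `if strings.HasSuffix(r.URL.Path, "/") {` (assuming `strings` is, or can be, imported in this test file). The local name `url` would also shadow the `net/url` package if this file imports it. The rest of TestAPIFalsePositivesAreProxied is outside the hunk.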