Closed rizdaprasetya closed 2 years ago
Moving this issue to the Proxyscotch repo.
Ah yes! We've not had this yet and that's a good point, we overlooked the use of user-agent. We added the header to help prevent abuse of the proxy and as a curtesy to other services (also CloudFlare blocks requests in some cases if you don't specify a User Agent at all).
I do like your solution though, so will go ahead and implement that.
Cool, thanks for confirming! š
We added the header to help prevent abuse of the proxy and as a curtesy to other services (also CloudFlare blocks requests in some cases if you don't specify a User Agent at all).
Ah I see, that make sense too. I think need to find the middle ground to satisfy both use-case then.
Maybe
x-requested-....
headers to identify proxy's user-agent.Also x-requested-via-proxy-agent
header is totally made up by me š
, I have not research far enough, maybe there's a standardized HTTP header for proxy case like this to properly use instead.
Thanks, appreciate the effort!
Did some quick search, I think the correct HTTP header to use is Via
. According to these resource:
Also if decided to follow that kind of standard, there's a few other to add like x-forwarded-for
Okay yeah I'll evaluate adding some or all of those headers then.
Just to confirm, are you in agreement with still using our Proxyscotch/1.0 User-Agent if no user agent header was specified (and Via always be set regardless)?
(This is in order to help prevent CloudFlare from blocking requests automatically which it often does when there's no user agent) ā or do we leave it up to the user to figure it out in case there is a use case for not having the header set?
Just to confirm, are you in agreement with still using our Proxyscotch/1.0 User-Agent if no user agent header was specified (and Via always be set regardless)?
ā
Yep, I personally agree. It maybe also helpful to compare the behavior with other tools like: Postman & CURL. They set their own user-agent
as default (when user does not specify). Then they will not overwrite user-agent when user specify it. I think same approach can be used here.
Btw scope wise, IMO ideally:
user-agent
as default (when user does not specify)" should be implemented on the REST client side (hoopscotch.io) instead of the Proxy side. (Just like Postman, this behavior come from Postman, not the proxy).
via
(and other proxy related) headers.Just adding insight, I agree whatever approach you choose, as you guys are the main owners of the project & it's specs. āļø
Okay yeah that all sounds good. I might look at adding something into the protocol then to allow Hoppscotch to set it from the frontend.
Edit: on second thoughts, have just submitted a ticket to get the user-agent added as a feature in hoppscotch directly, so will just push up a fix with the X-Forwarded-For
and Via
headers (the others seem unnecessary).
Pushed up a commit that should resolve this, please let me know if it does not or if there are changes needed by replying to this thread.
Lookin good for now, thanks man! š
Is there an existing issue for this?
Current behavior
On https://hoppscotch.io/ , using this feature
Use the proxy middleware to send requests
, when I create the following request:CURL equivalent:
Then I inspect the request on the destination, and get the following result instead:
unexpectedly some of the headers are modified:
user-agent: mycustom-UA
touser-agent: Proxyscotch/1.1
. Looks like the Proxyscotch is overwriting it.Why is it concerning?
user-agent
. e.g.So having this is important.
Maybe instead of Proxy scotch overwriting the actual
user-agent
header, it should add its own headers e.g.x-requested-via-proxy-agent: Proxyscotch/1.1
Steps to reproduce
https://hookbin.com/
. e.g. I will create endpoint & get URLhttps://hookb.in/YVkaPWyrBbCQjy0QmeZp
Use the proxy middleware to send requests
Environment
Production
Version
Cloud