search

mkopylec / charon-spring-boot-starter

Reverse proxy implementation in form of a Spring Boot starter.
Apache License 2.0
240 stars 54 forks source link

fix wrong content-length in function RequestForwarder.forwardhttpRequest() #48

Closed toru-s closed 6 years ago

toru-s commented 6 years ago

RequestForwarder return wrong content-length value when rewrite body.

my CustomReceivedResponseInterceptor is bellow.

@Component
public class CustomReceivedResponseInterceptor implements ReceivedResponseInterceptor {
    final Pattern urlBeforPattern = Pattern.compile("=\\s*\\\"\\/");
    static final String urlAfterPattern = "=\"../";
    final Pattern cssBeforPattern = Pattern.compile("url\\(\\/image");
    static final String cssAfterPattern = "url(../image";
    final Pattern jsWindowOpenPatternBeforPattern = Pattern.compile("=\\s*window\\.open\\(\\'\\/");
    static final String jsWindowOpenPatternAfterPattern = "=window.open('../";
    final Pattern jsLocationReplacePatternBeforPattern = Pattern.compile("location\\.replace\\(\\\"\\/");
    static final String jsLocationReplacePatternAfterPattern = "location.replace(\"../";
    final Pattern jsUrlParamCgiBeforPattern = Pattern.compile("\\\"\\/cgi-bin\\/");
    static final String jsUrlParamCgiAfterPattern = "\"../cgi-bin/";
    final Pattern jsUrlParamImgBeforPattern = Pattern.compile("\\\",\\s*\\\"\\/");
    static final String jsUrlParamImgAfterPattern = "\",\"../";
    final Pattern jsOpenGetBeforPattern = Pattern.compile("\\.open\\(\\\"GET\\\",\\s*\\\"\\/");
    static final String jsOpenGetAfterPattern = ".open(\"GET\",\"../";
    final Pattern crLfPattern = Pattern.compile("[\r\n]+");

    @Override
    public void intercept(ResponseData data) {
        // rewite fullpath to relative path  (html/Js/Css)
        if (data.getHeaders().containsKey("Content-Type")) {
            if (data.getHeaders().get("Content-Type").contains("text/html") || data.getHeaders().get("Content-Type").contains("text/javascript")
                    ) {
                    data.setBody(
                            jsUrlParamImgBeforPattern.matcher(
                                    jsUrlParamCgiBeforPattern.matcher(
                                            jsLocationReplacePatternBeforPattern.matcher(
                                                    jsOpenGetBeforPattern.matcher(
                                                            jsWindowOpenPatternBeforPattern.matcher(
                                                                    cssBeforPattern.matcher(
                                                                            urlBeforPattern.matcher(
                                                                                    data.getBodyAsString()
                                                                            ).replaceAll(urlAfterPattern)
                                                                    ).replaceAll(cssAfterPattern)
                                                            ).replaceAll(jsWindowOpenPatternAfterPattern)
                                                    ).replaceAll(jsOpenGetAfterPattern)
                                            ).replaceAll(jsLocationReplacePatternAfterPattern)
                                    ).replaceAll(jsUrlParamCgiAfterPattern)
                            ).replaceAll(jsUrlParamImgAfterPattern)
                    );
            } else if (data.getHeaders().get("Content-Type").contains("text/css")) {
                data.setBody(
                        cssBeforPattern.matcher(
                        data.getBodyAsString()).replaceAll(cssAfterPattern)
                );
            }
        }
    }
}

Original response headers. rewrite off:

Accept-Ranges: bytes
Cache-Control   : no-cache
Connection: keep-alive
Content-Length: 30670
Content-Type: text/javascript
Status: 200

Original response headers. rewrite on:

Accept-Ranges: bytes
Cache-Control   : no-cache
Connection: keep-alive
Content-Length: 30670  <-- 30670 is wrong value!
Content-Type: text/javascript
Status: 200
coveralls commented 6 years ago

Coverage Status

Coverage increased (+0.01%) to 92.319% when pulling 32ab22231a418d79885816075be9fd66fc9b00ed on toru-s:fixed-bug-RequestForwarder into b4f18da7455612f18030e12e2c7fa4db2a97a3fa on mkopylec:master.

mkopylec commented 6 years ago

If you are intercepting the destination response using ReceivedResponseInterceptor you are taking a full responsibility of what you are doing. So if you modify the response body it is up to you to modify the "Content-Length" header too. For example: data.getHeaders().set("Content-Length", ...).

toru-s commented 6 years ago

Hi, My problem was solved. Cancel this pull request. Thank you so much for your help.