search

tomMoulard / htransformation

A Traefik plugin to change on the fly header's value of a request
MIT License
77 stars 13 forks source link

Join pseudo headers into existing headers #36

Closed williamle92 closed 1 year ago

williamle92 commented 1 year ago

Hello,

Is it possible to join pseudo headers (such as :path) into a newly created header?

My use-case: I am trying to implement a rate limit per path using the RateLimit middleware with source criterion pointed to a new header. This new header will extract user id from cookie (which I was able to do), but I need to add the value of :path header to this new header to make it possible.

Thank you for your time.

tomMoulard commented 1 year ago

Hello @williamle92,

Thanks for your interest in this Traefik plugin !

What do you mean by pseudo headers ?

williamle92 commented 1 year ago

Hello @tomMoulard ,

Pseudo-headers are sent in each request that give more details about the request. I believe Traefik sets these pseudo-headers on the request which become available on our flask request headers.

Here are some examples of pseudo-headers taken from portswigger

:method - The HTTP method of the request, such as GET or POST.
:path - The request path. Note that this includes the query string.
:authority - Roughly equivalent to the Host header in HTTP/1.
:scheme - The request scheme, typically http or https. Note that there is no equivalent in HTTP/1.
:status - The response status code.

Also an example you would see in google console.

tomMoulard commented 1 year ago

Here are all headers added by traefik, doc:

X-Forwarded-For: 10.42.0.1
X-Forwarded-Host: localhost
X-Forwarded-Port: 80
X-Forwarded-Proto: http
X-Forwarded-Server: traefik-5496cff6c7-4xwbh

It is not common for reverse proxy to add more headers that contain the request's data.

Nevertheless, if you are just trying to extract data from the cookies, you can find the cookies values as headers:

> curl localhost/whoami -H "Cookie: foo=bar"
...
GET /whoami HTTP/1.1
Host: localhost
User-Agent: curl/7.79.0-DEV
...
Cookie: foo=bar
williamle92 commented 1 year ago

Thank you Tom for your response. So it seems like there are no ways for me to access these pseudo headers through traefik and it seems like it is not even supposed to be added as a regular header(I read some pep docs). I will close this thread.