reverseproxy.go

Documentation: net/http/httputil

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // HTTP reverse proxy handler
     6  
     7  package httputil
     8  
     9  import (
    10  	"context"
    11  	"fmt"
    12  	"io"
    13  	"log"
    14  	"net"
    15  	"net/http"
    16  	"net/url"
    17  	"strings"
    18  	"sync"
    19  	"time"
    20  
    21  	"golang.org/x/net/http/httpguts"
    22  )
    23  
    24  // ReverseProxy is an HTTP Handler that takes an incoming request and
    25  // sends it to another server, proxying the response back to the
    26  // client.
    27  //
    28  // ReverseProxy automatically sets the client IP as the value of the
    29  // X-Forwarded-For header.
    30  // If an X-Forwarded-For header already exists, the client IP is
    31  // appended to the existing values.
    32  // To prevent IP spoofing, be sure to delete any pre-existing
    33  // X-Forwarded-For header coming from the client or
    34  // an untrusted proxy.
    35  type ReverseProxy struct {
    36  	// Director must be a function which modifies
    37  	// the request into a new request to be sent
    38  	// using Transport. Its response is then copied
    39  	// back to the original client unmodified.
    40  	// Director must not access the provided Request
    41  	// after returning.
    42  	Director func(*http.Request)
    43  
    44  	// The transport used to perform proxy requests.
    45  	// If nil, http.DefaultTransport is used.
    46  	Transport http.RoundTripper
    47  
    48  	// FlushInterval specifies the flush interval
    49  	// to flush to the client while copying the
    50  	// response body.
    51  	// If zero, no periodic flushing is done.
    52  	// A negative value means to flush immediately
    53  	// after each write to the client.
    54  	// The FlushInterval is ignored when ReverseProxy
    55  	// recognizes a response as a streaming response;
    56  	// for such responses, writes are flushed to the client
    57  	// immediately.
    58  	FlushInterval time.Duration
    59  
    60  	// ErrorLog specifies an optional logger for errors
    61  	// that occur when attempting to proxy the request.
    62  	// If nil, logging is done via the log package's standard logger.
    63  	ErrorLog *log.Logger
    64  
    65  	// BufferPool optionally specifies a buffer pool to
    66  	// get byte slices for use by io.CopyBuffer when
    67  	// copying HTTP response bodies.
    68  	BufferPool BufferPool
    69  
    70  	// ModifyResponse is an optional function that modifies the
    71  	// Response from the backend. It is called if the backend
    72  	// returns a response at all, with any HTTP status code.
    73  	// If the backend is unreachable, the optional ErrorHandler is
    74  	// called without any call to ModifyResponse.
    75  	//
    76  	// If ModifyResponse returns an error, ErrorHandler is called
    77  	// with its error value. If ErrorHandler is nil, its default
    78  	// implementation is used.
    79  	ModifyResponse func(*http.Response) error
    80  
    81  	// ErrorHandler is an optional function that handles errors
    82  	// reaching the backend or errors from ModifyResponse.
    83  	//
    84  	// If nil, the default is to log the provided error and return
    85  	// a 502 Status Bad Gateway response.
    86  	ErrorHandler func(http.ResponseWriter, *http.Request, error)
    87  }
    88  
    89  // A BufferPool is an interface for getting and returning temporary
    90  // byte slices for use by io.CopyBuffer.
    91  type BufferPool interface {
    92  	Get() []byte
    93  	Put([]byte)
    94  }
    95  
    96  func singleJoiningSlash(a, b string) string {
    97  	aslash := strings.HasSuffix(a, "/")
    98  	bslash := strings.HasPrefix(b, "/")
    99  	switch {
   100  	case aslash && bslash:
   101  		return a + b[1:]
   102  	case !aslash && !bslash:
   103  		return a + "/" + b
   104  	}
   105  	return a + b
   106  }
   107  
   108  // NewSingleHostReverseProxy returns a new ReverseProxy that routes
   109  // URLs to the scheme, host, and base path provided in target. If the
   110  // target's path is "/base" and the incoming request was for "/dir",
   111  // the target request will be for /base/dir.
   112  // NewSingleHostReverseProxy does not rewrite the Host header.
   113  // To rewrite Host headers, use ReverseProxy directly with a custom
   114  // Director policy.
   115  func NewSingleHostReverseProxy(target *url.URL) *ReverseProxy {
   116  	targetQuery := target.RawQuery
   117  	director := func(req *http.Request) {
   118  		req.URL.Scheme = target.Scheme
   119  		req.URL.Host = target.Host
   120  		req.URL.Path = singleJoiningSlash(target.Path, req.URL.Path)
   121  		if targetQuery == "" || req.URL.RawQuery == "" {
   122  			req.URL.RawQuery = targetQuery + req.URL.RawQuery
   123  		} else {
   124  			req.URL.RawQuery = targetQuery + "&" + req.URL.RawQuery
   125  		}
   126  		if _, ok := req.Header["User-Agent"]; !ok {
   127  			// explicitly disable User-Agent so it's not set to default value
   128  			req.Header.Set("User-Agent", "")
   129  		}
   130  	}
   131  	return &ReverseProxy{Director: director}
   132  }
   133  
   134  func copyHeader(dst, src http.Header) {
   135  	for k, vv := range src {
   136  		for _, v := range vv {
   137  			dst.Add(k, v)
   138  		}
   139  	}
   140  }
   141  
   142  // Hop-by-hop headers. These are removed when sent to the backend.
   143  // As of RFC 7230, hop-by-hop headers are required to appear in the
   144  // Connection header field. These are the headers defined by the
   145  // obsoleted RFC 2616 (section 13.5.1) and are used for backward
   146  // compatibility.
   147  var hopHeaders = []string{
   148  	"Connection",
   149  	"Proxy-Connection", // non-standard but still sent by libcurl and rejected by e.g. google
   150  	"Keep-Alive",
   151  	"Proxy-Authenticate",
   152  	"Proxy-Authorization",
   153  	"Te",      // canonicalized version of "TE"
   154  	"Trailer", // not Trailers per URL above; https://www.rfc-editor.org/errata_search.php?eid=4522
   155  	"Transfer-Encoding",
   156  	"Upgrade",
   157  }
   158  
   159  func (p *ReverseProxy) defaultErrorHandler(rw http.ResponseWriter, req *http.Request, err error) {
   160  	p.logf("http: proxy error: %v", err)
   161  	rw.WriteHeader(http.StatusBadGateway)
   162  }
   163  
   164  func (p *ReverseProxy) getErrorHandler() func(http.ResponseWriter, *http.Request, error) {
   165  	if p.ErrorHandler != nil {
   166  		return p.ErrorHandler
   167  	}
   168  	return p.defaultErrorHandler
   169  }
   170  
   171  // modifyResponse conditionally runs the optional ModifyResponse hook
   172  // and reports whether the request should proceed.
   173  func (p *ReverseProxy) modifyResponse(rw http.ResponseWriter, res *http.Response, req *http.Request) bool {
   174  	if p.ModifyResponse == nil {
   175  		return true
   176  	}
   177  	if err := p.ModifyResponse(res); err != nil {
   178  		res.Body.Close()
   179  		p.getErrorHandler()(rw, req, err)
   180  		return false
   181  	}
   182  	return true
   183  }
   184  
   185  func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
   186  	transport := p.Transport
   187  	if transport == nil {
   188  		transport = http.DefaultTransport
   189  	}
   190  
   191  	ctx := req.Context()
   192  	if cn, ok := rw.(http.CloseNotifier); ok {
   193  		var cancel context.CancelFunc
   194  		ctx, cancel = context.WithCancel(ctx)
   195  		defer cancel()
   196  		notifyChan := cn.CloseNotify()
   197  		go func() {
   198  			select {
   199  			case <-notifyChan:
   200  				cancel()
   201  			case <-ctx.Done():
   202  			}
   203  		}()
   204  	}
   205  
   206  	outreq := req.Clone(ctx)
   207  	if req.ContentLength == 0 {
   208  		outreq.Body = nil // Issue 16036: nil Body for http.Transport retries
   209  	}
   210  	if outreq.Header == nil {
   211  		outreq.Header = make(http.Header) // Issue 33142: historical behavior was to always allocate
   212  	}
   213  
   214  	p.Director(outreq)
   215  	outreq.Close = false
   216  
   217  	reqUpType := upgradeType(outreq.Header)
   218  	removeConnectionHeaders(outreq.Header)
   219  
   220  	// Remove hop-by-hop headers to the backend. Especially
   221  	// important is "Connection" because we want a persistent
   222  	// connection, regardless of what the client sent to us.
   223  	for _, h := range hopHeaders {
   224  		hv := outreq.Header.Get(h)
   225  		if hv == "" {
   226  			continue
   227  		}
   228  		if h == "Te" && hv == "trailers" {
   229  			// Issue 21096: tell backend applications that
   230  			// care about trailer support that we support
   231  			// trailers. (We do, but we don't go out of
   232  			// our way to advertise that unless the
   233  			// incoming client request thought it was
   234  			// worth mentioning)
   235  			continue
   236  		}
   237  		outreq.Header.Del(h)
   238  	}
   239  
   240  	// After stripping all the hop-by-hop connection headers above, add back any
   241  	// necessary for protocol upgrades, such as for websockets.
   242  	if reqUpType != "" {
   243  		outreq.Header.Set("Connection", "Upgrade")
   244  		outreq.Header.Set("Upgrade", reqUpType)
   245  	}
   246  
   247  	if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
   248  		// If we aren't the first proxy retain prior
   249  		// X-Forwarded-For information as a comma+space
   250  		// separated list and fold multiple headers into one.
   251  		if prior, ok := outreq.Header["X-Forwarded-For"]; ok {
   252  			clientIP = strings.Join(prior, ", ") + ", " + clientIP
   253  		}
   254  		outreq.Header.Set("X-Forwarded-For", clientIP)
   255  	}
   256  
   257  	res, err := transport.RoundTrip(outreq)
   258  	if err != nil {
   259  		p.getErrorHandler()(rw, outreq, err)
   260  		return
   261  	}
   262  
   263  	// Deal with 101 Switching Protocols responses: (WebSocket, h2c, etc)
   264  	if res.StatusCode == http.StatusSwitchingProtocols {
   265  		if !p.modifyResponse(rw, res, outreq) {
   266  			return
   267  		}
   268  		p.handleUpgradeResponse(rw, outreq, res)
   269  		return
   270  	}
   271  
   272  	removeConnectionHeaders(res.Header)
   273  
   274  	for _, h := range hopHeaders {
   275  		res.Header.Del(h)
   276  	}
   277  
   278  	if !p.modifyResponse(rw, res, outreq) {
   279  		return
   280  	}
   281  
   282  	copyHeader(rw.Header(), res.Header)
   283  
   284  	// The "Trailer" header isn't included in the Transport's response,
   285  	// at least for *http.Transport. Build it up from Trailer.
   286  	announcedTrailers := len(res.Trailer)
   287  	if announcedTrailers > 0 {
   288  		trailerKeys := make([]string, 0, len(res.Trailer))
   289  		for k := range res.Trailer {
   290  			trailerKeys = append(trailerKeys, k)
   291  		}
   292  		rw.Header().Add("Trailer", strings.Join(trailerKeys, ", "))
   293  	}
   294  
   295  	rw.WriteHeader(res.StatusCode)
   296  
   297  	err = p.copyResponse(rw, res.Body, p.flushInterval(req, res))
   298  	if err != nil {
   299  		defer res.Body.Close()
   300  		// Since we're streaming the response, if we run into an error all we can do
   301  		// is abort the request. Issue 23643: ReverseProxy should use ErrAbortHandler
   302  		// on read error while copying body.
   303  		if !shouldPanicOnCopyError(req) {
   304  			p.logf("suppressing panic for copyResponse error in test; copy error: %v", err)
   305  			return
   306  		}
   307  		panic(http.ErrAbortHandler)
   308  	}
   309  	res.Body.Close() // close now, instead of defer, to populate res.Trailer
   310  
   311  	if len(res.Trailer) > 0 {
   312  		// Force chunking if we saw a response trailer.
   313  		// This prevents net/http from calculating the length for short
   314  		// bodies and adding a Content-Length.
   315  		if fl, ok := rw.(http.Flusher); ok {
   316  			fl.Flush()
   317  		}
   318  	}
   319  
   320  	if len(res.Trailer) == announcedTrailers {
   321  		copyHeader(rw.Header(), res.Trailer)
   322  		return
   323  	}
   324  
   325  	for k, vv := range res.Trailer {
   326  		k = http.TrailerPrefix + k
   327  		for _, v := range vv {
   328  			rw.Header().Add(k, v)
   329  		}
   330  	}
   331  }
   332  
   333  var inOurTests bool // whether we're in our own tests
   334  
   335  // shouldPanicOnCopyError reports whether the reverse proxy should
   336  // panic with http.ErrAbortHandler. This is the right thing to do by
   337  // default, but Go 1.10 and earlier did not, so existing unit tests
   338  // weren't expecting panics. Only panic in our own tests, or when
   339  // running under the HTTP server.
   340  func shouldPanicOnCopyError(req *http.Request) bool {
   341  	if inOurTests {
   342  		// Our tests know to handle this panic.
   343  		return true
   344  	}
   345  	if req.Context().Value(http.ServerContextKey) != nil {
   346  		// We seem to be running under an HTTP server, so
   347  		// it'll recover the panic.
   348  		return true
   349  	}
   350  	// Otherwise act like Go 1.10 and earlier to not break
   351  	// existing tests.
   352  	return false
   353  }
   354  
   355  // removeConnectionHeaders removes hop-by-hop headers listed in the "Connection" header of h.
   356  // See RFC 7230, section 6.1
   357  func removeConnectionHeaders(h http.Header) {
   358  	for _, f := range h["Connection"] {
   359  		for _, sf := range strings.Split(f, ",") {
   360  			if sf = strings.TrimSpace(sf); sf != "" {
   361  				h.Del(sf)
   362  			}
   363  		}
   364  	}
   365  }
   366  
   367  // flushInterval returns the p.FlushInterval value, conditionally
   368  // overriding its value for a specific request/response.
   369  func (p *ReverseProxy) flushInterval(req *http.Request, res *http.Response) time.Duration {
   370  	resCT := res.Header.Get("Content-Type")
   371  
   372  	// For Server-Sent Events responses, flush immediately.
   373  	// The MIME type is defined in https://www.w3.org/TR/eventsource/#text-event-stream
   374  	if resCT == "text/event-stream" {
   375  		return -1 // negative means immediately
   376  	}
   377  
   378  	// TODO: more specific cases? e.g. res.ContentLength == -1?
   379  	return p.FlushInterval
   380  }
   381  
   382  func (p *ReverseProxy) copyResponse(dst io.Writer, src io.Reader, flushInterval time.Duration) error {
   383  	if flushInterval != 0 {
   384  		if wf, ok := dst.(writeFlusher); ok {
   385  			mlw := &maxLatencyWriter{
   386  				dst:     wf,
   387  				latency: flushInterval,
   388  			}
   389  			defer mlw.stop()
   390  
   391  			// set up initial timer so headers get flushed even if body writes are delayed
   392  			mlw.flushPending = true
   393  			mlw.t = time.AfterFunc(flushInterval, mlw.delayedFlush)
   394  
   395  			dst = mlw
   396  		}
   397  	}
   398  
   399  	var buf []byte
   400  	if p.BufferPool != nil {
   401  		buf = p.BufferPool.Get()
   402  		defer p.BufferPool.Put(buf)
   403  	}
   404  	_, err := p.copyBuffer(dst, src, buf)
   405  	return err
   406  }
   407  
   408  // copyBuffer returns any write errors or non-EOF read errors, and the amount
   409  // of bytes written.
   410  func (p *ReverseProxy) copyBuffer(dst io.Writer, src io.Reader, buf []byte) (int64, error) {
   411  	if len(buf) == 0 {
   412  		buf = make([]byte, 32*1024)
   413  	}
   414  	var written int64
   415  	for {
   416  		nr, rerr := src.Read(buf)
   417  		if rerr != nil && rerr != io.EOF && rerr != context.Canceled {
   418  			p.logf("httputil: ReverseProxy read error during body copy: %v", rerr)
   419  		}
   420  		if nr > 0 {
   421  			nw, werr := dst.Write(buf[:nr])
   422  			if nw > 0 {
   423  				written += int64(nw)
   424  			}
   425  			if werr != nil {
   426  				return written, werr
   427  			}
   428  			if nr != nw {
   429  				return written, io.ErrShortWrite
   430  			}
   431  		}
   432  		if rerr != nil {
   433  			if rerr == io.EOF {
   434  				rerr = nil
   435  			}
   436  			return written, rerr
   437  		}
   438  	}
   439  }
   440  
   441  func (p *ReverseProxy) logf(format string, args ...interface{}) {
   442  	if p.ErrorLog != nil {
   443  		p.ErrorLog.Printf(format, args...)
   444  	} else {
   445  		log.Printf(format, args...)
   446  	}
   447  }
   448  
   449  type writeFlusher interface {
   450  	io.Writer
   451  	http.Flusher
   452  }
   453  
   454  type maxLatencyWriter struct {
   455  	dst     writeFlusher
   456  	latency time.Duration // non-zero; negative means to flush immediately
   457  
   458  	mu           sync.Mutex // protects t, flushPending, and dst.Flush
   459  	t            *time.Timer
   460  	flushPending bool
   461  }
   462  
   463  func (m *maxLatencyWriter) Write(p []byte) (n int, err error) {
   464  	m.mu.Lock()
   465  	defer m.mu.Unlock()
   466  	n, err = m.dst.Write(p)
   467  	if m.latency < 0 {
   468  		m.dst.Flush()
   469  		return
   470  	}
   471  	if m.flushPending {
   472  		return
   473  	}
   474  	if m.t == nil {
   475  		m.t = time.AfterFunc(m.latency, m.delayedFlush)
   476  	} else {
   477  		m.t.Reset(m.latency)
   478  	}
   479  	m.flushPending = true
   480  	return
   481  }
   482  
   483  func (m *maxLatencyWriter) delayedFlush() {
   484  	m.mu.Lock()
   485  	defer m.mu.Unlock()
   486  	if !m.flushPending { // if stop was called but AfterFunc already started this goroutine
   487  		return
   488  	}
   489  	m.dst.Flush()
   490  	m.flushPending = false
   491  }
   492  
   493  func (m *maxLatencyWriter) stop() {
   494  	m.mu.Lock()
   495  	defer m.mu.Unlock()
   496  	m.flushPending = false
   497  	if m.t != nil {
   498  		m.t.Stop()
   499  	}
   500  }
   501  
   502  func upgradeType(h http.Header) string {
   503  	if !httpguts.HeaderValuesContainsToken(h["Connection"], "Upgrade") {
   504  		return ""
   505  	}
   506  	return strings.ToLower(h.Get("Upgrade"))
   507  }
   508  
   509  func (p *ReverseProxy) handleUpgradeResponse(rw http.ResponseWriter, req *http.Request, res *http.Response) {
   510  	reqUpType := upgradeType(req.Header)
   511  	resUpType := upgradeType(res.Header)
   512  	if reqUpType != resUpType {
   513  		p.getErrorHandler()(rw, req, fmt.Errorf("backend tried to switch protocol %q when %q was requested", resUpType, reqUpType))
   514  		return
   515  	}
   516  
   517  	copyHeader(res.Header, rw.Header())
   518  
   519  	hj, ok := rw.(http.Hijacker)
   520  	if !ok {
   521  		p.getErrorHandler()(rw, req, fmt.Errorf("can't switch protocols using non-Hijacker ResponseWriter type %T", rw))
   522  		return
   523  	}
   524  	backConn, ok := res.Body.(io.ReadWriteCloser)
   525  	if !ok {
   526  		p.getErrorHandler()(rw, req, fmt.Errorf("internal error: 101 switching protocols response with non-writable body"))
   527  		return
   528  	}
   529  	defer backConn.Close()
   530  	conn, brw, err := hj.Hijack()
   531  	if err != nil {
   532  		p.getErrorHandler()(rw, req, fmt.Errorf("Hijack failed on protocol switch: %v", err))
   533  		return
   534  	}
   535  	defer conn.Close()
   536  	res.Body = nil // so res.Write only writes the headers; we have res.Body in backConn above
   537  	if err := res.Write(brw); err != nil {
   538  		p.getErrorHandler()(rw, req, fmt.Errorf("response write: %v", err))
   539  		return
   540  	}
   541  	if err := brw.Flush(); err != nil {
   542  		p.getErrorHandler()(rw, req, fmt.Errorf("response flush: %v", err))
   543  		return
   544  	}
   545  	errc := make(chan error, 1)
   546  	spc := switchProtocolCopier{user: conn, backend: backConn}
   547  	go spc.copyToBackend(errc)
   548  	go spc.copyFromBackend(errc)
   549  	<-errc
   550  	return
   551  }
   552  
   553  // switchProtocolCopier exists so goroutines proxying data back and
   554  // forth have nice names in stacks.
   555  type switchProtocolCopier struct {
   556  	user, backend io.ReadWriter
   557  }
   558  
   559  func (c switchProtocolCopier) copyFromBackend(errc chan<- error) {
   560  	_, err := io.Copy(c.user, c.backend)
   561  	errc <- err
   562  }
   563  
   564  func (c switchProtocolCopier) copyToBackend(errc chan<- error) {
   565  	_, err := io.Copy(c.backend, c.user)
   566  	errc <- err
   567  }
   568
View as plain text