From 2394ef90c6b2185af384f1a8f17b4ff7f0294bac Mon Sep 17 00:00:00 2001
From: Tian <tianpengwei@baidu.com>
Date: Thu, 3 Sep 2020 21:07:11 +0800
Subject: [PATCH 1/2] Fix processing X-Forwarded-For header field-value

Signed-off-by: Tian <tianpengwei@baidu.com>
---
 bfe_server/set_client_addr.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/bfe_server/set_client_addr.go b/bfe_server/set_client_addr.go
index aa6451508..572b9d020 100644
--- a/bfe_server/set_client_addr.go
+++ b/bfe_server/set_client_addr.go
@@ -36,8 +36,8 @@ func setClientAddr(req *bfe_basic.Request) {
 	clientip := req.HttpRequest.Header.Get(bfe_basic.HeaderRealIP)
 	clientport := req.HttpRequest.Header.Get(bfe_basic.HeaderRealPort)
 	if clientip == "" {
-		clientip = getFirstSplitFromHeader(req, bfe_basic.HeaderForwardedFor, ", ")
-		clientport = getFirstSplitFromHeader(req, bfe_basic.HeaderForwardedPort, ", ")
+		clientip = getFirstSplitFromHeader(req, bfe_basic.HeaderForwardedFor, ",")
+		clientport = getFirstSplitFromHeader(req, bfe_basic.HeaderForwardedPort, ",")
 	}
 	if clientip != "" {
 		parseClientAddr(req, clientip, clientport)
@@ -48,7 +48,7 @@ func getFirstSplitFromHeader(req *bfe_basic.Request, header string, sep string)
 	ret := ""
 	if str := req.HttpRequest.Header.Get(header); str != "" {
 		l := strings.SplitN(str, sep, 2)
-		ret = l[0] // get first split from header
+		ret = strings.TrimSpace(l[0]) // get first split from header
 	}
 	return ret
 }

From b89fbee47d416820ee0ac8a79497242749a6cf32 Mon Sep 17 00:00:00 2001
From: Tovi <tianpengwei521@163.com>
Date: Wed, 29 Jun 2022 08:28:19 +0800
Subject: [PATCH 2/2] make some optimizations for http_conn.go

make some optimizations for http_conn.go
---
 bfe_server/http_conn.go | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/bfe_server/http_conn.go b/bfe_server/http_conn.go
index 3f6338ccf..4733fbbb2 100644
--- a/bfe_server/http_conn.go
+++ b/bfe_server/http_conn.go
@@ -275,6 +275,7 @@ func (c *conn) serve() {
 	var hl *bfe_module.HandlerList
 	var retVal int
 	session := c.session
+	c.session.Proto = "http" // init proto
 	c.server.connWaitGroup.Add(1)
 	serverStatus := c.server.serverStatus
 	proxyState := serverStatus.ProxyState
@@ -316,6 +317,7 @@ func (c *conn) serve() {
 	}
 
 	if tlsConn, ok := c.rwc.(*bfe_tls.Conn); ok {
+		c.session.Proto = "https" // update proto
 		proxyState.TlsHandshakeAll.Inc(1)
 		var d time.Duration
 		// set tls handshake timeout
@@ -366,7 +368,7 @@ func (c *conn) serve() {
 				log.Logger.Debug("conn.serve(): Use negotiated protocol %s over TLS", proto)
 				proxyState.ClientConnServedInc(proto, 1) // Note: counter for negotiated protocol
 				proxyState.ClientConnActiveInc(proto, 1)
-				c.session.Proto = proto
+				c.session.Proto = proto	// update proto
 
 				// process protocol over TLS connection (spdy, http2, etc)
 				handler := NewProtocolHandler(c, proto)
@@ -379,12 +381,6 @@ func (c *conn) serve() {
 		}
 	}
 
-	// process requests from http/https protocol
-	if _, ok := c.rwc.(*bfe_tls.Conn); ok {
-		c.session.Proto = "https"
-	} else {
-		c.session.Proto = "http"
-	}
 	proxyState.ClientConnServedInc(c.session.Proto, 1) // Note: counter for http/https protocol
 	proxyState.ClientConnActiveInc(c.session.Proto, 1)