Disabled redirectWhenHttpProto

vfarcic · Nov 24, 2017 · 912fad7 · 912fad7
1 parent 808c39a
commit 912fad7
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 35 deletions.
diff --git a/docs/usage.md b/docs/usage.md
@@ -54,7 +54,7 @@ The following query parameters can be used only when `reqMode` is set to `http`
 |outboundHostname|The hostname where the service is running, for instance on a separate swarm. If specified, the proxy will dispatch requests to that domain. The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service (e.g. `outboundHostname.1`, `outboundHostname.2`, and so on).<br>**Example:** `ecme.com`|
 |pathType     |The ACL derivative. Defaults to *path_beg*. See [HAProxy path](https://cbonte.github.io/haproxy-dconv/configuration-1.5.html#7.3.6-path) for more info.<br>**Example:** `path_beg`|
 |redirectFromDomain|If a request is sent to one of the domains in this list, it will be redirected to one of the values of the `serviceDomain`. Multiple domains can be separated with comma (e.g. `acme.com,something.acme.com`). The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service.<br>**Example:** `acme.com,something.acme.com`|
-|redirectWhenHttpProto|Whether to redirect to https when X-Forwarded-Proto is set and the request is made over an HTTP port.<br>**Example:** `true`<br>**Default Value:** `false`|
+|redirectWhenHttpProto|**This parameter is temporarily disabled until the problems around it are solved**. Whether to redirect to https when X-Forwarded-Proto is set and the request is made over an HTTP port.<br>**Example:** `true`<br>**Default Value:** `false`|
 |serviceCert  |Content of the PEM-encoded certificate to be used by the proxy when serving traffic over SSL.|
 |serviceDomain  |The domain of the service. If set, the proxy will allow access only to requests coming to that domain. Multiple domains can be separated with comma (e.g. `acme.com,something.else.com`). The parameter can be prefixed with an index thus allowing definition of multiple destinations for a single service (e.g. `serviceDomain.1`, `serviceDomain.2`, and so on).  Asterisk sign can be placed to beginning of value and in this case **serviceDomainAlgo** parameter will be **replaced** to `hdr_end(host)`. This parameter is **mandatory** if `servicePath` is not specified.<br>**Example:** `ecme.com`|
 |serviceDomainAlgo|Algorithm that should be applied to domain ACLs. Any ACL works only with one flag: `-i : ignore case during matching of all subsequent patterns`. If not set, the value of the environment variable `SERVICE_DOMAIN_ALGO` will be used instead. If defaults to `hdr_beg(host)`<br>**Examples:**<br>`hdr(host)`: matches only if domain is the same as `serviceDomain`<br>`hdr_dom(host)`: matches the specified `serviceDomain` and any subdomain (a string either isolated or delimited by dots). **Example:** if `hdr_dom(host)` contains `www.ecme.com` and `serviceDomain` equals `ecme.com` the rule will be passed.<br>`req.ssl_sni`: matches Server Name TLS extension|

diff --git a/proxy/ha_proxy.go b/proxy/ha_proxy.go
@@ -441,6 +441,8 @@ func (m *HaProxy) getSni(services *Services, config *configData) {
 		for i, sd := range s.ServiceDest {
 			if strings.EqualFold(sd.ReqMode, "http") {
 				if !httpDone {
+					// TODO: Remove that line once the problems with redirectWhenHttpProto are resolved
+					s.RedirectWhenHttpProto = false
 					config.ContentFrontend += getFrontTemplate(s)
 				}
 				httpDone = true

diff --git a/proxy/ha_proxy_test.go b/proxy/ha_proxy_test.go
@@ -1459,40 +1459,40 @@ func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_AddsContentFrontEndWith
 	s.Equal(expectedData, actualData)
 }
 
-func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_ForwardsToHttps_WhenRedirectWhenHttpProtoIsTrue() {
-	var actualData string
-	tmpl := s.TemplateContent
-	expectedData := fmt.Sprintf(
-		`%s
-    acl url_my-service1111_0 path_beg /path
-    acl domain_my-service1111_0 hdr_beg(host) -i my-domain.com
-    acl is_my-service_http hdr(X-Forwarded-Proto) http
-    http-request redirect scheme https if is_my-service_http url_my-service1111_0 domain_my-service1111_0
-    acl is_my-service_https hdr(X-Forwarded-Proto) https
-    http-request redirect scheme https if !is_my-service_https url_my-service1111_0 domain_my-service1111_0
-    use_backend my-service-be1111_0 if url_my-service1111_0 domain_my-service1111_0%s`,
-		tmpl,
-		s.ServicesContent,
-	)
-	writeFile = func(filename string, data []byte, perm os.FileMode) error {
-		actualData = string(data)
-		return nil
-	}
-	p := NewHaProxy(s.TemplatesPath, s.ConfigsPath)
-	dataInstance.Services["my-service"] = Service{
-		ServiceName:           "my-service",
-		PathType:              "path_beg",
-		RedirectWhenHttpProto: true,
-		AclName:               "my-service",
-		ServiceDest: []ServiceDest{
-			{Port: "1111", ServicePath: []string{"/path"}, ServiceDomain: []string{"my-domain.com"}},
-		},
-	}
-
-	p.CreateConfigFromTemplates()
-
-	s.Equal(expectedData, actualData)
-}
+// func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_ForwardsToHttps_WhenRedirectWhenHttpProtoIsTrue() {
+// 	var actualData string
+// 	tmpl := s.TemplateContent
+// 	expectedData := fmt.Sprintf(
+// 		`%s
+//     acl url_my-service1111_0 path_beg /path
+//     acl domain_my-service1111_0 hdr_beg(host) -i my-domain.com
+//     acl is_my-service_http hdr(X-Forwarded-Proto) http
+//     http-request redirect scheme https if is_my-service_http url_my-service1111_0 domain_my-service1111_0
+//     acl is_my-service_https hdr(X-Forwarded-Proto) https
+//     http-request redirect scheme https if !is_my-service_https url_my-service1111_0 domain_my-service1111_0
+//     use_backend my-service-be1111_0 if url_my-service1111_0 domain_my-service1111_0%s`,
+// 		tmpl,
+// 		s.ServicesContent,
+// 	)
+// 	writeFile = func(filename string, data []byte, perm os.FileMode) error {
+// 		actualData = string(data)
+// 		return nil
+// 	}
+// 	p := NewHaProxy(s.TemplatesPath, s.ConfigsPath)
+// 	dataInstance.Services["my-service"] = Service{
+// 		ServiceName:           "my-service",
+// 		PathType:              "path_beg",
+// 		RedirectWhenHttpProto: true,
+// 		AclName:               "my-service",
+// 		ServiceDest: []ServiceDest{
+// 			{Port: "1111", ServicePath: []string{"/path"}, ServiceDomain: []string{"my-domain.com"}},
+// 		},
+// 	}
+
+// 	p.CreateConfigFromTemplates()
+
+// 	s.Equal(expectedData, actualData)
+// }
 
 func (s HaProxyTestSuite) Test_CreateConfigFromTemplates_ForwardsToDomain_WhenRedirectFromDomainIsSet() {
 	var actualData string