diff options
author | Sebastian <sebasjm@gmail.com> | 2022-07-01 19:05:12 -0300 |
---|---|---|
committer | Sebastian <sebasjm@gmail.com> | 2022-07-01 19:05:32 -0300 |
commit | 3408486b5ba1752e589bec2ba592dcdb638c8be9 (patch) | |
tree | 1f28e0fa898aa5f7b60f2fc8f926d2e70411f8d9 /src | |
parent | a3a854aedfb356782dfebfa039ebbf3158cf7161 (diff) | |
download | merchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.tar.gz merchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.tar.bz2 merchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.zip |
Revert "check X-Forwarded-Proto when constructing an URI, useful behind a reverse proxy"
This reverts commit a3a854aedfb356782dfebfa039ebbf3158cf7161.
This check is already done in TALER_mhd_is_https in the exchange repo
Diffstat (limited to 'src')
5 files changed, 13 insertions, 101 deletions
diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c b/src/backend/taler-merchant-httpd_get-orders-ID.c index 02a4f743..910d53fc 100644 --- a/src/backend/taler-merchant-httpd_get-orders-ID.c +++ b/src/backend/taler-merchant-httpd_get-orders-ID.c @@ -377,8 +377,6 @@ TMH_make_order_status_url (struct MHD_Connection *con, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; /* Number of query parameters written so far */ @@ -390,13 +388,6 @@ TMH_make_order_status_url (struct MHD_Connection *con, forwarded_host = MHD_lookup_connection_value (con, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (con, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - uri_path = MHD_lookup_connection_value (con, MHD_HEADER_KIND, "X-Forwarded-Prefix"); @@ -415,17 +406,12 @@ TMH_make_order_status_url (struct MHD_Connection *con, GNUNET_assert (NULL != instance_id); GNUNET_assert (NULL != order_id); - if (GNUNET_NO == TALER_mhd_is_https (con) && - ! proxy_says_https) - { + if (GNUNET_NO == TALER_mhd_is_https (con)) GNUNET_buffer_write_str (&buf, "http://"); - } else - { GNUNET_buffer_write_str (&buf, "https://"); - } GNUNET_buffer_write_str (&buf, host); if (NULL != uri_path) diff --git a/src/backend/taler-merchant-httpd_get-tips-ID.c b/src/backend/taler-merchant-httpd_get-tips-ID.c index e11ff0af..f427b168 100644 --- a/src/backend/taler-merchant-httpd_get-tips-ID.c +++ b/src/backend/taler-merchant-httpd_get-tips-ID.c @@ -35,8 +35,6 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; @@ -47,14 +45,6 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (con, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - uri_path = MHD_lookup_connection_value (con, MHD_HEADER_KIND, "X-Forwarded-Prefix"); @@ -72,13 +62,9 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con, GNUNET_buffer_write_str (&buf, "taler"); - - if (GNUNET_NO == TALER_mhd_is_https (con) && - ! proxy_says_https) - { + if (GNUNET_NO == TALER_mhd_is_https (con)) GNUNET_buffer_write_str (&buf, "+http"); - } GNUNET_buffer_write_str (&buf, "://tip/"); GNUNET_buffer_write_str (&buf, @@ -111,8 +97,6 @@ TMH_make_tip_status_url (struct MHD_Connection *con, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; @@ -123,13 +107,6 @@ TMH_make_tip_status_url (struct MHD_Connection *con, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (con, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - uri_path = MHD_lookup_connection_value (con, MHD_HEADER_KIND, "X-Forwarded-Prefix"); @@ -145,17 +122,12 @@ TMH_make_tip_status_url (struct MHD_Connection *con, GNUNET_assert (NULL != instance_id); GNUNET_assert (NULL != tip_id); - if (GNUNET_NO == TALER_mhd_is_https (con) && - ! proxy_says_https) - { + if (GNUNET_NO == TALER_mhd_is_https (con)) GNUNET_buffer_write_str (&buf, "http://"); - } else - { GNUNET_buffer_write_str (&buf, "https://"); - } GNUNET_buffer_write_str (&buf, host); if (NULL != uri_path) diff --git a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c index 8bd5b64f..3953fa06 100644 --- a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c +++ b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c @@ -84,8 +84,6 @@ make_taler_refund_uri (struct MHD_Connection *connection, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; @@ -97,13 +95,6 @@ make_taler_refund_uri (struct MHD_Connection *connection, forwarded_host = MHD_lookup_connection_value (connection, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (connection, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - uri_path = MHD_lookup_connection_value (connection, MHD_HEADER_KIND, "X-Forwarded-Prefix"); @@ -116,13 +107,8 @@ make_taler_refund_uri (struct MHD_Connection *connection, return NULL; } GNUNET_buffer_write_str (&buf, "taler"); - - if (GNUNET_NO == TALER_mhd_is_https (connection) && - ! proxy_says_https) - { - GNUNET_buffer_write_str (&buf, - "+http"); - } + if (GNUNET_NO == TALER_mhd_is_https (connection)) + GNUNET_buffer_write_str (&buf, "+http"); GNUNET_buffer_write_str (&buf, "://refund/"); GNUNET_buffer_write_str (&buf, host); if (NULL != uri_path) diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c index e0cba6a1..efaaf5a7 100644 --- a/src/backend/taler-merchant-httpd_private-post-orders.c +++ b/src/backend/taler-merchant-httpd_private-post-orders.c @@ -116,39 +116,19 @@ make_merchant_base_url (struct MHD_Connection *connection, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; + if (GNUNET_YES == TALER_mhd_is_https (connection)) + GNUNET_buffer_write_str (&buf, "https://"); + else + GNUNET_buffer_write_str (&buf, "http://"); host = MHD_lookup_connection_value (connection, MHD_HEADER_KIND, MHD_HTTP_HEADER_HOST); forwarded_host = MHD_lookup_connection_value (connection, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (connection, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - - uri_path = MHD_lookup_connection_value (connection, - MHD_HEADER_KIND, - "X-Forwarded-Prefix"); - - if (GNUNET_NO == TALER_mhd_is_https (connection) && - ! proxy_says_https) - { - GNUNET_buffer_write_str (&buf, - "http://"); - } - else - { - GNUNET_buffer_write_str (&buf, - "https://"); - } if (NULL != forwarded_host) { GNUNET_buffer_write_str (&buf, @@ -160,6 +140,9 @@ make_merchant_base_url (struct MHD_Connection *connection, GNUNET_buffer_write_str (&buf, host); } + uri_path = MHD_lookup_connection_value (connection, + MHD_HEADER_KIND, + "X-Forwarded-Prefix"); if (NULL != uri_path) GNUNET_buffer_write_path (&buf, uri_path); diff --git a/src/backend/taler-merchant-httpd_templating.c b/src/backend/taler-merchant-httpd_templating.c index 3d76a023..9d7766b9 100644 --- a/src/backend/taler-merchant-httpd_templating.c +++ b/src/backend/taler-merchant-httpd_templating.c @@ -121,8 +121,6 @@ make_static_url (struct MHD_Connection *con, { const char *host; const char *forwarded_host; - const char *forwarded_proto; - bool proxy_says_https; const char *uri_path; struct GNUNET_Buffer buf = { 0 }; @@ -132,14 +130,6 @@ make_static_url (struct MHD_Connection *con, forwarded_host = MHD_lookup_connection_value (con, MHD_HEADER_KIND, "X-Forwarded-Host"); - forwarded_proto = MHD_lookup_connection_value (con, - MHD_HEADER_KIND, - "X-Forwarded-Proto"); - - proxy_says_https = ( (NULL != forwarded_proto) && - (0 == strcmp ("https", - forwarded_proto))) - uri_path = MHD_lookup_connection_value (con, MHD_HEADER_KIND, @@ -155,17 +145,12 @@ make_static_url (struct MHD_Connection *con, GNUNET_assert (NULL != instance_id); - if (GNUNET_NO == TALER_mhd_is_https (con) && - ! proxy_says_https) - { + if (GNUNET_NO == TALER_mhd_is_https (con)) GNUNET_buffer_write_str (&buf, "http://"); - } else - { GNUNET_buffer_write_str (&buf, "https://"); - } GNUNET_buffer_write_str (&buf, host); if (NULL != uri_path) |