summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSebastian <sebasjm@gmail.com>2022-07-01 19:05:12 -0300
committerSebastian <sebasjm@gmail.com>2022-07-01 19:05:32 -0300
commit3408486b5ba1752e589bec2ba592dcdb638c8be9 (patch)
tree1f28e0fa898aa5f7b60f2fc8f926d2e70411f8d9 /src
parenta3a854aedfb356782dfebfa039ebbf3158cf7161 (diff)
downloadmerchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.tar.gz
merchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.tar.bz2
merchant-3408486b5ba1752e589bec2ba592dcdb638c8be9.zip
Revert "check X-Forwarded-Proto when constructing an URI, useful behind a reverse proxy"
This reverts commit a3a854aedfb356782dfebfa039ebbf3158cf7161. This check is already done in TALER_mhd_is_https in the exchange repo
Diffstat (limited to 'src')
-rw-r--r--src/backend/taler-merchant-httpd_get-orders-ID.c16
-rw-r--r--src/backend/taler-merchant-httpd_get-tips-ID.c32
-rw-r--r--src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c18
-rw-r--r--src/backend/taler-merchant-httpd_private-post-orders.c31
-rw-r--r--src/backend/taler-merchant-httpd_templating.c17
5 files changed, 13 insertions, 101 deletions
diff --git a/src/backend/taler-merchant-httpd_get-orders-ID.c b/src/backend/taler-merchant-httpd_get-orders-ID.c
index 02a4f743..910d53fc 100644
--- a/src/backend/taler-merchant-httpd_get-orders-ID.c
+++ b/src/backend/taler-merchant-httpd_get-orders-ID.c
@@ -377,8 +377,6 @@ TMH_make_order_status_url (struct MHD_Connection *con,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
/* Number of query parameters written so far */
@@ -390,13 +388,6 @@ TMH_make_order_status_url (struct MHD_Connection *con,
forwarded_host = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (con,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
uri_path = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
"X-Forwarded-Prefix");
@@ -415,17 +406,12 @@ TMH_make_order_status_url (struct MHD_Connection *con,
GNUNET_assert (NULL != instance_id);
GNUNET_assert (NULL != order_id);
- if (GNUNET_NO == TALER_mhd_is_https (con) &&
- ! proxy_says_https)
- {
+ if (GNUNET_NO == TALER_mhd_is_https (con))
GNUNET_buffer_write_str (&buf,
"http://");
- }
else
- {
GNUNET_buffer_write_str (&buf,
"https://");
- }
GNUNET_buffer_write_str (&buf,
host);
if (NULL != uri_path)
diff --git a/src/backend/taler-merchant-httpd_get-tips-ID.c b/src/backend/taler-merchant-httpd_get-tips-ID.c
index e11ff0af..f427b168 100644
--- a/src/backend/taler-merchant-httpd_get-tips-ID.c
+++ b/src/backend/taler-merchant-httpd_get-tips-ID.c
@@ -35,8 +35,6 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
@@ -47,14 +45,6 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (con,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
-
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
uri_path = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
"X-Forwarded-Prefix");
@@ -72,13 +62,9 @@ TMH_make_taler_tip_uri (struct MHD_Connection *con,
GNUNET_buffer_write_str (&buf,
"taler");
-
- if (GNUNET_NO == TALER_mhd_is_https (con) &&
- ! proxy_says_https)
- {
+ if (GNUNET_NO == TALER_mhd_is_https (con))
GNUNET_buffer_write_str (&buf,
"+http");
- }
GNUNET_buffer_write_str (&buf,
"://tip/");
GNUNET_buffer_write_str (&buf,
@@ -111,8 +97,6 @@ TMH_make_tip_status_url (struct MHD_Connection *con,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
@@ -123,13 +107,6 @@ TMH_make_tip_status_url (struct MHD_Connection *con,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (con,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
uri_path = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
"X-Forwarded-Prefix");
@@ -145,17 +122,12 @@ TMH_make_tip_status_url (struct MHD_Connection *con,
GNUNET_assert (NULL != instance_id);
GNUNET_assert (NULL != tip_id);
- if (GNUNET_NO == TALER_mhd_is_https (con) &&
- ! proxy_says_https)
- {
+ if (GNUNET_NO == TALER_mhd_is_https (con))
GNUNET_buffer_write_str (&buf,
"http://");
- }
else
- {
GNUNET_buffer_write_str (&buf,
"https://");
- }
GNUNET_buffer_write_str (&buf,
host);
if (NULL != uri_path)
diff --git a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
index 8bd5b64f..3953fa06 100644
--- a/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
+++ b/src/backend/taler-merchant-httpd_private-post-orders-ID-refund.c
@@ -84,8 +84,6 @@ make_taler_refund_uri (struct MHD_Connection *connection,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
@@ -97,13 +95,6 @@ make_taler_refund_uri (struct MHD_Connection *connection,
forwarded_host = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (connection,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
uri_path = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
"X-Forwarded-Prefix");
@@ -116,13 +107,8 @@ make_taler_refund_uri (struct MHD_Connection *connection,
return NULL;
}
GNUNET_buffer_write_str (&buf, "taler");
-
- if (GNUNET_NO == TALER_mhd_is_https (connection) &&
- ! proxy_says_https)
- {
- GNUNET_buffer_write_str (&buf,
- "+http");
- }
+ if (GNUNET_NO == TALER_mhd_is_https (connection))
+ GNUNET_buffer_write_str (&buf, "+http");
GNUNET_buffer_write_str (&buf, "://refund/");
GNUNET_buffer_write_str (&buf, host);
if (NULL != uri_path)
diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c
index e0cba6a1..efaaf5a7 100644
--- a/src/backend/taler-merchant-httpd_private-post-orders.c
+++ b/src/backend/taler-merchant-httpd_private-post-orders.c
@@ -116,39 +116,19 @@ make_merchant_base_url (struct MHD_Connection *connection,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
+ if (GNUNET_YES == TALER_mhd_is_https (connection))
+ GNUNET_buffer_write_str (&buf, "https://");
+ else
+ GNUNET_buffer_write_str (&buf, "http://");
host = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
MHD_HTTP_HEADER_HOST);
forwarded_host = MHD_lookup_connection_value (connection,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (connection,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
- uri_path = MHD_lookup_connection_value (connection,
- MHD_HEADER_KIND,
- "X-Forwarded-Prefix");
-
- if (GNUNET_NO == TALER_mhd_is_https (connection) &&
- ! proxy_says_https)
- {
- GNUNET_buffer_write_str (&buf,
- "http://");
- }
- else
- {
- GNUNET_buffer_write_str (&buf,
- "https://");
- }
if (NULL != forwarded_host)
{
GNUNET_buffer_write_str (&buf,
@@ -160,6 +140,9 @@ make_merchant_base_url (struct MHD_Connection *connection,
GNUNET_buffer_write_str (&buf,
host);
}
+ uri_path = MHD_lookup_connection_value (connection,
+ MHD_HEADER_KIND,
+ "X-Forwarded-Prefix");
if (NULL != uri_path)
GNUNET_buffer_write_path (&buf, uri_path);
diff --git a/src/backend/taler-merchant-httpd_templating.c b/src/backend/taler-merchant-httpd_templating.c
index 3d76a023..9d7766b9 100644
--- a/src/backend/taler-merchant-httpd_templating.c
+++ b/src/backend/taler-merchant-httpd_templating.c
@@ -121,8 +121,6 @@ make_static_url (struct MHD_Connection *con,
{
const char *host;
const char *forwarded_host;
- const char *forwarded_proto;
- bool proxy_says_https;
const char *uri_path;
struct GNUNET_Buffer buf = { 0 };
@@ -132,14 +130,6 @@ make_static_url (struct MHD_Connection *con,
forwarded_host = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
"X-Forwarded-Host");
- forwarded_proto = MHD_lookup_connection_value (con,
- MHD_HEADER_KIND,
- "X-Forwarded-Proto");
-
- proxy_says_https = ( (NULL != forwarded_proto) &&
- (0 == strcmp ("https",
- forwarded_proto)))
-
uri_path = MHD_lookup_connection_value (con,
MHD_HEADER_KIND,
@@ -155,17 +145,12 @@ make_static_url (struct MHD_Connection *con,
GNUNET_assert (NULL != instance_id);
- if (GNUNET_NO == TALER_mhd_is_https (con) &&
- ! proxy_says_https)
- {
+ if (GNUNET_NO == TALER_mhd_is_https (con))
GNUNET_buffer_write_str (&buf,
"http://");
- }
else
- {
GNUNET_buffer_write_str (&buf,
"https://");
- }
GNUNET_buffer_write_str (&buf,
host);
if (NULL != uri_path)
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-25 08:10:03 +0000