Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add filter to get the host or :authority #432

Open
Restioson opened this issue Feb 2, 2020 · 7 comments
Open

Add filter to get the host or :authority #432

Restioson opened this issue Feb 2, 2020 · 7 comments
Labels

Comments

@Restioson
Copy link

@Restioson Restioson commented Feb 2, 2020

It appears that when using TLS with Warp, the HTTP Host header is stripped. Therefore, warp::header<String>("host") on a TLS server will fail.

Ironically, the Haskell framework with the same name had an identical bug: yesodweb/wai#478

@jxs
Copy link
Collaborator

@jxs jxs commented Feb 3, 2020

hum, doesn't seem to me this is a bug, when warp is serving using TLS, clients offer Http2 using ALPN, hyper then upgrades the connection to Http2, and per the Http2 spec:

Clients that generate HTTP/2 requests directly SHOULD use the :authority pseudo-header field instead of the Host header field.

accessing the host via Uri::authority() doesn't work for you?
you can get it constructing an Uri with warp::path::full()

@Restioson
Copy link
Author

@Restioson Restioson commented Feb 3, 2020

Thanks, I will try both when I get home.

@Restioson
Copy link
Author

@Restioson Restioson commented Feb 3, 2020

I first tried extracting :authority and authority using the warp::header method, to be greeted by identical behaviour of requiring host. For reference, here are my Firefox raw HTTPS request headers:

Host: 127.0.0.1:8080
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
TE: Trailers

Other info:

Request URL:https://127.0.0.1:8080/invite/4XwS5ZEoVHU
Request Method:GET
Remote Address:127.0.0.1:8080
Status Code:
400
Version:HTTP/2.0

However, warp::path::full() does work! Thanks!

@Restioson Restioson closed this Feb 3, 2020
@Restioson
Copy link
Author

@Restioson Restioson commented Feb 3, 2020

Oops, nevermind. It looks like warp::path::full just returns the path rather than the entire URI (makes sense, given its name).

@Restioson Restioson reopened this Feb 3, 2020
@jxs
Copy link
Collaborator

@jxs jxs commented Feb 3, 2020

ah! you are right! warp::path::full doesn't return the Authority
hum, this could solved by making FullPath be

struct FulllPath(String)

instead
and warp::reply::full be

pub fn full() -> impl Filter<Extract = One<FullPath>, Error = Infallible> + Copy {
    filter_fn(move |route| {
        future::ok(one(FullPath(route.uri().to_string())))
    })
}

cc @seanmonstar

@seanmonstar
Copy link
Owner

@seanmonstar seanmonstar commented Feb 5, 2020

We could add a host() filter which checks the URI authority and if not present, checks for the host header (RFC 7230 specifies that order).

Probably return some newtype Host, wrapping a http::uri::Authority?

@seanmonstar seanmonstar changed the title TLS + Warp leads to the HTTP Host header being stripped Add filter to get the host or :authority Feb 5, 2020
@jxs
Copy link
Collaborator

@jxs jxs commented Feb 6, 2020

ah yeah, totally forgot that changing warp::reply::full behavior would be a breaking change, host() filter makes more sense 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.