reverseproxy: Apply response header ops before copying it (fix #3382) (#3401)

This commit is contained in:
Matt Holt 2020-05-13 09:52:20 -06:00 committed by GitHub
parent aef560c7fc
commit 90c7b4b0a1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -510,6 +510,15 @@ func (h *Handler) reverseProxy(rw http.ResponseWriter, req *http.Request, di Dia
res.Header.Del(h)
}
// apply any response header operations
if h.Headers != nil && h.Headers.Response != nil {
if h.Headers.Response.Require == nil ||
h.Headers.Response.Require.Match(res.StatusCode, res.Header) {
repl := req.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer)
h.Headers.Response.ApplyTo(res.Header, repl)
}
}
copyHeader(rw.Header(), res.Header)
// The "Trailer" header isn't included in the Transport's response,
@ -523,15 +532,6 @@ func (h *Handler) reverseProxy(rw http.ResponseWriter, req *http.Request, di Dia
rw.Header().Add("Trailer", strings.Join(trailerKeys, ", "))
}
// apply any response header operations
if h.Headers != nil && h.Headers.Response != nil {
if h.Headers.Response.Require == nil ||
h.Headers.Response.Require.Match(res.StatusCode, rw.Header()) {
repl := req.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer)
h.Headers.Response.ApplyTo(rw.Header(), repl)
}
}
// TODO: there should be an option to return an error if the response
// matches some criteria; would solve https://github.com/caddyserver/caddy/issues/1447
// by allowing the backend to determine whether this server should treat