Merge pull request #529 from FiloSottile/filippo/insecure

proxy: add a insecure_skip_verify option - closes #320
2025-01-23 10:45:49 +03:00 · 2016-01-23 09:13:30 -07:00 · 2016-01-23 09:13:30 -07:00 · fae612d53b
commit fae612d53b
parent 6e340cb1d6 bae4ac9764
2 changed files with 21 additions and 4 deletions
--- a/middleware/proxy/reverseproxy.go
+++ b/middleware/proxy/reverseproxy.go
@ -12,6 +12,7 @@
 package proxy
 import (
 	"crypto/tls"
 	"io"
 	"net"
 	"net/http"
@ -103,6 +104,16 @@ var hopHeaders = []string{
 	"Upgrade",
 }
 var InsecureTransport http.RoundTripper = &http.Transport{
 	Proxy: http.ProxyFromEnvironment,
 	Dial: (&net.Dialer{
 		Timeout:   30 * time.Second,
 		KeepAlive: 30 * time.Second,
 	}).Dial,
 	TLSHandshakeTimeout: 10 * time.Second,
 	TLSClientConfig:     &tls.Config{InsecureSkipVerify: true},
 }
 func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request, extraHeaders http.Header) error {
 	transport := p.Transport
 	if transport == nil {
--- a/middleware/proxy/upstream.go
+++ b/middleware/proxy/upstream.go
@ -19,10 +19,11 @@ var (
 )
 type staticUpstream struct {
-	from         string
+	from               string
-	proxyHeaders http.Header
+	proxyHeaders       http.Header
-	Hosts        HostPool
+	Hosts              HostPool
-	Policy       Policy
+	Policy             Policy
 	insecureSkipVerify bool
 	FailTimeout time.Duration
 	MaxFails    int32
@ -90,6 +91,9 @@ func NewStaticUpstreams(c parse.Dispenser) ([]Upstream, error) {
 			}
 			if baseURL, err := url.Parse(uh.Name); err == nil {
 				uh.ReverseProxy = NewSingleHostReverseProxy(baseURL, uh.WithoutPathPrefix)
 				if upstream.insecureSkipVerify {
 					uh.ReverseProxy.Transport = InsecureTransport
 				}
 			} else {
 				return upstreams, err
 			}
@ -175,6 +179,8 @@ func parseBlock(c *parse.Dispenser, u *staticUpstream) error {
 			return c.ArgErr()
 		}
 		u.IgnoredSubPaths = ignoredPaths
 	case "insecure_skip_verify":
 		u.insecureSkipVerify = true
 	default:
 		return c.Errf("unknown property '%s'", c.Val())
 	}