From 4091e93eb0642507766997876a2a3c0b1d8cf8d9 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Tue, 15 Oct 2024 11:22:28 -0400 Subject: [PATCH 1/2] caddyhttp: Allow matching Transfer-Encoding --- modules/caddyhttp/matchers.go | 18 +++++++++++------- modules/caddyhttp/responsematchers.go | 2 +- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/modules/caddyhttp/matchers.go b/modules/caddyhttp/matchers.go index 93a36237bd1..7f62bdd3abd 100644 --- a/modules/caddyhttp/matchers.go +++ b/modules/caddyhttp/matchers.go @@ -941,7 +941,7 @@ func (m *MatchHeader) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { // Match returns true if r matches m. func (m MatchHeader) Match(r *http.Request) bool { repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) - return matchHeaders(r.Header, http.Header(m), r.Host, repl) + return matchHeaders(r.Header, http.Header(m), r.Host, r.TransferEncoding, repl) } // CELLibrary produces options that expose this matcher for use in CEL @@ -967,22 +967,26 @@ func (MatchHeader) CELLibrary(_ caddy.Context) (cel.Library, error) { } // getHeaderFieldVals returns the field values for the given fieldName from input. -// The host parameter should be obtained from the http.Request.Host field since -// net/http removes it from the header map. -func getHeaderFieldVals(input http.Header, fieldName, host string) []string { +// The host parameter should be obtained from the http.Request.Host field, and the +// transferEncoding from http.Request.TransferEncoding, since net/http removes them +// from the header map. +func getHeaderFieldVals(input http.Header, fieldName, host string, transferEncoding []string) []string { fieldName = textproto.CanonicalMIMEHeaderKey(fieldName) if fieldName == "Host" && host != "" { return []string{host} } + if fieldName == "Transfer-Encoding" && input[fieldName] == nil { + return transferEncoding + } return input[fieldName] } // matchHeaders returns true if input matches the criteria in against without regex. // The host parameter should be obtained from the http.Request.Host field since // net/http removes it from the header map. -func matchHeaders(input, against http.Header, host string, repl *caddy.Replacer) bool { +func matchHeaders(input, against http.Header, host string, transferEncoding []string, repl *caddy.Replacer) bool { for field, allowedFieldVals := range against { - actualFieldVals := getHeaderFieldVals(input, field, host) + actualFieldVals := getHeaderFieldVals(input, field, host, transferEncoding) if allowedFieldVals != nil && len(allowedFieldVals) == 0 && actualFieldVals != nil { // a non-nil but empty list of allowed values means // match if the header field exists at all @@ -1076,7 +1080,7 @@ func (m *MatchHeaderRE) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { // Match returns true if r matches m. func (m MatchHeaderRE) Match(r *http.Request) bool { for field, rm := range m { - actualFieldVals := getHeaderFieldVals(r.Header, field, r.Host) + actualFieldVals := getHeaderFieldVals(r.Header, field, r.Host, r.TransferEncoding) match := false fieldVal: for _, actualFieldVal := range actualFieldVals { diff --git a/modules/caddyhttp/responsematchers.go b/modules/caddyhttp/responsematchers.go index cf96b00cda9..a6b34c76dbf 100644 --- a/modules/caddyhttp/responsematchers.go +++ b/modules/caddyhttp/responsematchers.go @@ -41,7 +41,7 @@ func (rm ResponseMatcher) Match(statusCode int, hdr http.Header) bool { if !rm.matchStatusCode(statusCode) { return false } - return matchHeaders(hdr, rm.Headers, "", nil) + return matchHeaders(hdr, rm.Headers, "", []string{}, nil) } func (rm ResponseMatcher) matchStatusCode(statusCode int) bool { From 130c868e95dfd1a8b1d39fd217bc6378f6b72ec0 Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Tue, 15 Oct 2024 12:00:40 -0400 Subject: [PATCH 2/2] Log transfer_encoding on the request --- modules/caddyhttp/marshalers.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/caddyhttp/marshalers.go b/modules/caddyhttp/marshalers.go index c985bb92684..9bce377f4b0 100644 --- a/modules/caddyhttp/marshalers.go +++ b/modules/caddyhttp/marshalers.go @@ -51,6 +51,9 @@ func (r LoggableHTTPRequest) MarshalLogObject(enc zapcore.ObjectEncoder) error { Header: r.Header, ShouldLogCredentials: r.ShouldLogCredentials, }) + if r.TransferEncoding != nil { + enc.AddArray("transfer_encoding", LoggableStringArray(r.TransferEncoding)) + } if r.TLS != nil { enc.AddObject("tls", LoggableTLSConnState(*r.TLS)) }