Beispiel #1
0
// Do not modify header object
func (p *proxyRoundTripper) validateSignature(header *http.Header) error {
	requestedTimeHeader := header.Get(RouteServiceSignature)
	requestedTime, err := common.UnixToTime(requestedTimeHeader)
	if err != nil {
		return err
	}

	if time.Since(requestedTime) > p.routeServiceTimeout {
		return routeServiceExpired
	}
	return nil
}
Beispiel #2
0
			var err error

			routeServiceListener, err = net.Listen("tcp", "127.0.0.1:0")
			Expect(err).NotTo(HaveOccurred())

			tlsListener := newTlsListener(routeServiceListener)
			server := &http.Server{Handler: routeServiceHandler}
			go func() {
				err := server.Serve(tlsListener)
				Expect(err).ToNot(HaveOccurred())
			}()
		})

		BeforeEach(func() {
			routeServiceHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
				tm, err := common.UnixToTime(r.Header.Get(proxy.RouteServiceSignature))
				Expect(err).ToNot(HaveOccurred())

				Expect(time.Since(tm)).Should(BeNumerically(">=", 0))
				Expect(r.Header.Get("X-CF-ApplicationID")).To(Equal(""))

				// validate client request header
				Expect(r.Header.Get("X-CF-Forwarded-Url")).To(Equal("http://my_host.com/resource+9-9_9?query=123&query$2=345#page1..5"))

				w.Write([]byte("My Special Snowflake Route Service\n"))
			})
		})

		Context("with SSLSkipValidation enabled", func() {
			BeforeEach(func() {
				conf.SSLSkipValidation = true