// Do not modify header object func (p *proxyRoundTripper) validateSignature(header *http.Header) error { requestedTimeHeader := header.Get(RouteServiceSignature) requestedTime, err := common.UnixToTime(requestedTimeHeader) if err != nil { return err } if time.Since(requestedTime) > p.routeServiceTimeout { return routeServiceExpired } return nil }
var err error routeServiceListener, err = net.Listen("tcp", "127.0.0.1:0") Expect(err).NotTo(HaveOccurred()) tlsListener := newTlsListener(routeServiceListener) server := &http.Server{Handler: routeServiceHandler} go func() { err := server.Serve(tlsListener) Expect(err).ToNot(HaveOccurred()) }() }) BeforeEach(func() { routeServiceHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { tm, err := common.UnixToTime(r.Header.Get(proxy.RouteServiceSignature)) Expect(err).ToNot(HaveOccurred()) Expect(time.Since(tm)).Should(BeNumerically(">=", 0)) Expect(r.Header.Get("X-CF-ApplicationID")).To(Equal("")) // validate client request header Expect(r.Header.Get("X-CF-Forwarded-Url")).To(Equal("http://my_host.com/resource+9-9_9?query=123&query$2=345#page1..5")) w.Write([]byte("My Special Snowflake Route Service\n")) }) }) Context("with SSLSkipValidation enabled", func() { BeforeEach(func() { conf.SSLSkipValidation = true