Replace Forwarded Headers via ASP.NET Core middleware

2025-03-03 17:36:59 +01:00 · 2019-03-04 20:48:19 +09:00 · 2019-03-04 20:48:19 +09:00 · bcea6027e9
commit bcea6027e9
parent a9722df7e4
2 changed files with 5 additions and 54 deletions
--- a/BTCPayServer/Hosting/BTCpayMiddleware.cs
+++ b/BTCPayServer/Hosting/BTCpayMiddleware.cs
@ -32,8 +32,6 @@ namespace BTCPayServer.Hosting

        public async Task Invoke(HttpContext httpContext)
        {
-            RewriteHostIfNeeded(httpContext);
-
            try
            {
                var bitpayAuth = GetBitpayAuth(httpContext, out bool isBitpayAuth);
@ -125,57 +123,6 @@ namespace BTCPayServer.Hosting
            return false;
        }

-        private void RewriteHostIfNeeded(HttpContext httpContext)
-        {
-            string reverseProxyScheme = null;
-            if (httpContext.Request.Headers.TryGetValue("X-Forwarded-Proto", out StringValues proto))
-            {
-                var scheme = proto.SingleOrDefault();
-                if (scheme != null)
-                {
-                    reverseProxyScheme = scheme;
-                }
-            }
-
-            ushort? reverseProxyPort = null;
-            if (httpContext.Request.Headers.TryGetValue("X-Forwarded-Port", out StringValues port))
-            {
-                var portString = port.SingleOrDefault();
-                if (portString != null && ushort.TryParse(portString, out ushort pp))
-                {
-                    reverseProxyPort = pp;
-                }
-            }
-
-            // NGINX pass X-Forwarded-Proto and X-Forwarded-Port, so let's use that to have better guess of the real domain
-
-            ushort? p = null;
-            if (reverseProxyScheme != null)
-            {
-                httpContext.Request.Scheme = reverseProxyScheme;
-                if (reverseProxyScheme == "http")
-                    p = 80;
-                if (reverseProxyScheme == "https")
-                    p = 443;
-            }
-
-            if (reverseProxyPort != null)
-            {
-                p = reverseProxyPort.Value;
-            }
-
-            if (p.HasValue)
-            {
-                bool isDefault = httpContext.Request.Scheme == "http" && p.Value == 80;
-                isDefault |= httpContext.Request.Scheme == "https" && p.Value == 443;
-                if (isDefault)
-                    httpContext.Request.Host = new HostString(httpContext.Request.Host.Host);
-                else
-                    httpContext.Request.Host = new HostString(httpContext.Request.Host.Host, p.Value);
-            }
-
-        }
-
        private static async Task HandleBitpayHttpException(HttpContext httpContext, BitpayHttpException ex)
        {
            httpContext.Response.StatusCode = ex.StatusCode;
--- a/BTCPayServer/Hosting/Startup.cs
+++ b/BTCPayServer/Hosting/Startup.cs
@ -17,6 +17,7 @@ using Microsoft.AspNetCore.Mvc.Infrastructure;
 using BTCPayServer.Services;
 using BTCPayServer.Models;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.HttpOverrides;
 using BTCPayServer.Data;
 using Microsoft.Extensions.Logging;
 using BTCPayServer.Logging;
@ -158,7 +159,10 @@ namespace BTCPayServer.Hosting
            {
                app.UseDeveloperExceptionPage();
            }
-
+            app.UseForwardedHeaders(new ForwardedHeadersOptions()
+            {
+                ForwardedHeaders = ForwardedHeaders.All
+            });
            app.UseCors();
            app.UsePayServer();
            app.UseStaticFiles();