From 385edc0953a016d5d169992bd3b9d0964b0bb679 Mon Sep 17 00:00:00 2001 From: Bryan Ashby Date: Wed, 31 May 2017 22:13:44 -0600 Subject: [PATCH] X-Forwarded-Proto isSecure override option --- core/servers/login/websocket.js | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/core/servers/login/websocket.js b/core/servers/login/websocket.js index 3cad496e..41a3e838 100644 --- a/core/servers/login/websocket.js +++ b/core/servers/login/websocket.js @@ -25,7 +25,7 @@ const ModuleInfo = exports.moduleInfo = { function WebSocketClient(ws, req, serverType) { Object.defineProperty(this, 'isSecure', { - get : () => 'secure' === serverType ? true : false, + get : () => ('secure' === serverType || true === this.secureProxyConnection) ? true : false, }); // @@ -69,6 +69,19 @@ function WebSocketClient(ws, req, serverType) { TelnetClient.call(this, this.socketBridge, this.socketBridge); + Log.trace( { headers : req.headers }, 'WebSocket connection headers' ); + + // + // If the config allows it, look for 'x-forwarded-proto' as "https" + // to override |isSecure| + // + if(true === _.get(Config, 'loginServers.webSocket.secureProxy') && + 'https' === req.headers['x-forwarded-proto']) + { + Log.debug(`Assuming secure connection due to X-Forwarded-Proto of ${req.headers['x-forwarded-proto']}`); + this.secureProxyConnection = true; + } + // start handshake process this.banner(); }