This repository has been archived by the owner on May 24, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
proxy.ts
139 lines (130 loc) · 3.63 KB
/
proxy.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
import { Cookie, Request, setCookie } from "./deps.ts";
const hopByHop = [
"Keep-Alive",
"Transfer-Encoding",
"TE",
"Connection",
"Trailer",
"Upgrade",
"Proxy-Authorization",
"Proxy-Authenticate",
];
/**
* TODO: Remove this function once this PR is merged:
* https://github.com/denoland/deno_std/pull/3152/files
*/
function parseSetCookie(value: string): Cookie | null {
const attrs = value
.split(";")
.map((attr) => {
const [key, ...values] = attr.trim().split("=").map((keyOrValue) =>
keyOrValue.trim()
);
return [key, values.join("=")];
});
const cookie: Cookie = {
name: attrs[0][0],
value: attrs[0][1],
};
for (const [key, value] of attrs.slice(1)) {
switch (key.toLocaleLowerCase()) {
case "expires":
cookie.expires = new Date(value);
break;
case "max-age":
cookie.maxAge = Number(value);
if (cookie.maxAge < 0) {
console.warn(
"Max-Age must be an integer superior or equal to 0. Cookie ignored.",
);
return null;
}
break;
case "domain":
cookie.domain = value;
break;
case "path":
cookie.path = value;
break;
case "secure":
cookie.secure = true;
break;
case "httponly":
cookie.httpOnly = true;
break;
case "samesite":
cookie.sameSite = value as Cookie["sameSite"];
break;
default:
if (!Array.isArray(cookie.unparsed)) {
cookie.unparsed = [];
}
cookie.unparsed.push([key, value].join("="));
}
}
if (cookie.name.startsWith("__Secure-")) {
/** This requirement is mentioned in https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie but not the RFC. */
if (!cookie.secure) {
console.warn(
"Cookies with names starting with `__Secure-` must be set with the secure flag. Cookie ignored.",
);
return null;
}
}
if (cookie.name.startsWith("__Host-")) {
if (!cookie.secure) {
console.warn(
"Cookies with names starting with `__Host-` must be set with the secure flag. Cookie ignored.",
);
return null;
}
if (cookie.domain !== undefined) {
console.warn(
"Cookies with names starting with `__Host-` must not have a domain specified. Cookie ignored.",
);
return null;
}
if (cookie.path !== "/") {
console.warn(
"Cookies with names starting with `__Host-` must have path be `/`. Cookie has been ignored.",
);
return null;
}
}
return cookie;
}
function getSetCookies(headers: Headers): Cookie[] {
if (!headers.has("set-cookie")) {
return [];
}
// deno-lint-ignore no-explicit-any
return [...(headers as any).entries()]
.filter(([key]) => key === "set-cookie")
.map(([_, value]) => value)
/** Parse each `set-cookie` header separately */
.map(parseSetCookie)
/** Skip empty cookies */
.filter(Boolean) as Cookie[];
}
export const proxy = async (to: string, req: Request) => {
const url = new URL(req.url);
const headers = new Headers(req.headers);
hopByHop.forEach((h) => headers.delete(h));
const response = await fetch(to, {
headers,
redirect: "manual",
method: req.method,
});
// Change cookies domain
const responseHeaders = new Headers(response.headers);
const cookies = getSetCookies(responseHeaders);
responseHeaders.delete("set-cookie");
for (const cookie of cookies) {
setCookie(responseHeaders, { ...cookie, domain: url.hostname });
}
return {
body: response.body,
status: response.status,
headers: responseHeaders,
};
};