fix: set host header for requests from HTTP2 to HTTP1#43
Conversation
|
At first I was happy to have contributed (indirectly) to vite, but the responsibility certainly feels different 😆 Feel free to tag me in the future for issues related to http2, I wasn't aware of the scale of the problem, only saw the forward header briefly mentioned in #2 and fixed in #42 (which does not include the other fixes present in this PR). |
There was a problem hiding this comment.
Pull request overview
This PR fixes inconsistencies in the Host and X-Forwarded-* headers when proxying requests from HTTP/2 to HTTP/1. The fix ensures that the HTTP/2 :authority pseudo-header is properly converted to the Host header for HTTP/1 backends.
- Adds support for HTTP/2
:authoritypseudo-header across the proxy pipeline - Updates header handling in
setupOutgoing,XHeaders,getPort, andsetRedirectHostRewritefunctions - Includes comprehensive test coverage for HTTP/2 to HTTP/1 proxy scenarios
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
lib/http-proxy/common.ts |
Maps HTTP/2 :authority header to host header for outgoing HTTP/1 requests and updates port extraction logic |
lib/http-proxy/passes/web-incoming.ts |
Uses :authority as fallback for x-forwarded-host header in HTTP/2 requests |
lib/http-proxy/passes/web-outgoing.ts |
Supports :authority header in redirect host rewrite logic for HTTP/2 requests; removes trailing whitespace |
lib/test/lib/http2-proxy.test.ts |
Adds new integration tests for HTTP/2 to HTTP/1 proxy scenarios using both proxy server and custom HTTP/2 server |
lib/test/lib/http-proxy-passes-web-incoming.test.ts |
Adds unit test verifying correct x-forwarded-* header handling for HTTP/2 requests |
lib/test/lib/http-proxy-passes-web-outgoing.test.ts |
Adds unit test for redirect host rewrite with HTTP/2 :authority header |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review for a chance to win a $100 gift card. Take the survey.
| }); | ||
| req.on('end', () => { | ||
| source.close(); | ||
| proxy.close(); |
There was a problem hiding this comment.
The HTTP2 client connection should be closed to prevent resource leaks. Add client.close() before calling done(). For example:
req.on('end', () => {
source.close();
proxy.close();
client.close();
done();
});| proxy.close(); | |
| proxy.close(); | |
| client.close(); |
| }); | ||
| req.on('end', () => { | ||
| source.close(); | ||
| ownServer.close(); |
There was a problem hiding this comment.
The HTTP2 client connection should be closed to prevent resource leaks. Add client.close() before calling done(). For example:
req.on('end', () => {
source.close();
ownServer.close();
client.close();
done();
});| ownServer.close(); | |
| ownServer.close(); | |
| client.close(); |
|
@sapphi-red sorry about that. I've made a release including this -- 1.23.1 . |
|
Regarding the copilot AI review, I think they are useful as a sort of linter. In this case, I don't care about potential leaks in unit tests, which is all it flagged. |
sapphi-red
deleted the
fix/set-host-header-for-requests-from-http2-to-http1
branch
|
@Corvince Thanks for the improvements and @williamstein thanks for the release and maintenance 💚. I'll go with a custom patch for the next Vite patch version, just to be safe. I'll upgrade this package in the next major / minor. |
Requests from HTTP2 had a different header values for
HostandX-Forward-*from requests from HTTP 1.x. This PR fixes that inconsistency.related vitejs/vite#21117