From 147eb91bf3e2eb7446582795fadd09e84ab9e30b Mon Sep 17 00:00:00 2001 From: Bunny Yiu Date: Thu, 3 Jan 2013 07:10:32 +0000 Subject: [PATCH] [fix] Http-proxy should not modify protocol that not under target host. In some cases, the target site may redirect the request to external url which is not our proxying target. It is better not to modify the protocol in this case. --- lib/node-http-proxy/http-proxy.js | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/lib/node-http-proxy/http-proxy.js b/lib/node-http-proxy/http-proxy.js index e23d551ca..8f37ced35 100644 --- a/lib/node-http-proxy/http-proxy.js +++ b/lib/node-http-proxy/http-proxy.js @@ -27,6 +27,7 @@ var events = require('events'), http = require('http'), util = require('util'), + url = require('url'), httpProxy = require('../node-http-proxy'); // @@ -228,7 +229,7 @@ HttpProxy.prototype.proxyRequest = function (req, res, buffer) { if (this.changeOrigin) { outgoing.headers.host = this.target.host + ':' + this.target.port; } - + // // Open new HTTP request to internal resource with will act // as a reverse proxy pass @@ -248,11 +249,15 @@ HttpProxy.prototype.proxyRequest = function (req, res, buffer) { } if ((response.statusCode === 301) || (response.statusCode === 302)) { - if (self.source.https && !self.target.https) { - response.headers.location = response.headers.location.replace(/^http\:/, 'https:'); - } - if (self.target.https && !self.source.https) { - response.headers.location = response.headers.location.replace(/^https\:/, 'http:'); + // Only change protocol if url under target host + var parsedLocation = url.parse(response.headers.location); + if (parsedLocation.host === req.headers.host) { + if (self.source.https && !self.target.https) { + response.headers.location = response.headers.location.replace(/^http\:/, 'https:'); + } + if (self.target.https && !self.source.https) { + response.headers.location = response.headers.location.replace(/^https\:/, 'http:'); + } } }