feat: Support the Forwarded header.

src/ldp/UnsecureWebSocketsProtocol.ts

@@ -3,6 +3,7 @@ import type WebSocket from 'ws';
 import { getLoggerFor } from '../logging/LogUtil';
 import type { HttpRequest } from '../server/HttpRequest';
 import { WebSocketHandler } from '../server/WebSocketHandler';
+import { parseForwarded } from '../util/HeaderUtil';
 import type { ResourceIdentifier } from './representation/ResourceIdentifier';
 
 const VERSION = 'solid/0.1.0-alpha';
@@ -26,13 +27,13 @@ class WebSocketListener extends EventEmitter {
     socket.addListener('message', (message: string): void => this.onMessage(message));
   }
 
-  public start(upgradeRequest: HttpRequest): void {
+  public start({ headers, socket }: HttpRequest): void {
     // Greet the client
     this.sendMessage('protocol', VERSION);
     this.sendMessage('warning', 'Unstandardized protocol version, proceed with care');
 
     // Verify the WebSocket protocol version
-    const protocolHeader = upgradeRequest.headers['sec-websocket-protocol'];
+    const protocolHeader = headers['sec-websocket-protocol'];
     if (!protocolHeader) {
       this.sendMessage('warning', `Missing Sec-WebSocket-Protocol header, expected value '${VERSION}'`);
     } else {
@@ -44,8 +45,9 @@ class WebSocketListener extends EventEmitter {
     }
 
     // Store the HTTP host and protocol
-    this.host = upgradeRequest.headers.host ?? '';
-    this.protocol = (upgradeRequest.socket as any).secure ? 'https:' : 'http:';
+    const forwarded = parseForwarded(headers.forwarded);
+    this.host = forwarded.host ?? headers.host ?? 'localhost';
+    this.protocol = forwarded.proto === 'https' || (socket as any).secure ? 'https:' : 'http:';
   }
 
   private stop(): void {

src/ldp/http/BasicTargetExtractor.ts

@@ -1,6 +1,6 @@
 import type { TLSSocket } from 'tls';
-import { getLoggerFor } from '../../logging/LogUtil';
 import type { HttpRequest } from '../../server/HttpRequest';
+import { parseForwarded } from '../../util/HeaderUtil';
 import { toCanonicalUriPath } from '../../util/PathUtil';
 import type { ResourceIdentifier } from '../representation/ResourceIdentifier';
 import { TargetExtractor } from './TargetExtractor';
@@ -11,28 +11,35 @@ import { TargetExtractor } from './TargetExtractor';
  * TODO: input requires more extensive cleaning/parsing based on headers (see #22).
  */
 export class BasicTargetExtractor extends TargetExtractor {
-  protected readonly logger = getLoggerFor(this);
-
-  public async handle({ url, headers: { host }, connection }: HttpRequest): Promise<ResourceIdentifier> {
+  public async handle({ url, connection, headers }: HttpRequest): Promise<ResourceIdentifier> {
     if (!url) {
-      this.logger.error('The request has no URL');
       throw new Error('Missing URL');
     }
+
+    // Extract host and protocol (possibly overridden by the Forwarded header)
+    let { host } = headers;
+    let protocol = (connection as TLSSocket)?.encrypted ? 'https' : 'http';
+    if (headers.forwarded) {
+      const forwarded = parseForwarded(headers.forwarded);
+      if (forwarded.host) {
+        ({ host } = forwarded);
+      }
+      if (forwarded.proto) {
+        ({ proto: protocol } = forwarded);
+      }
+    }
+
+    // Perform a sanity check on the host
     if (!host) {
-      this.logger.error('The request has no Host header');
       throw new Error('Missing Host header');
     }
     if (/[/\\*]/u.test(host)) {
       throw new Error(`The request has an invalid Host header: ${host}`);
     }
 
-    const isHttps = (connection as TLSSocket)?.encrypted;
-    this.logger.debug(`Request is using HTTPS: ${isHttps}`);
-
     // URL object applies punycode encoding to domain
-    const base = `http${isHttps ? 's' : ''}://${host}`;
+    const base = `${protocol}://${host}`;
     const path = new URL(toCanonicalUriPath(url), base).href;
-
     return { path };
   }
 }