Skip to content

Commit

Permalink
Merge pull request #1696 from navikt/nofwdcookie
Browse files Browse the repository at this point in the history 
fjern cookie header fra proxy requests
  • Loading branch information
@kenglxn
kenglxn authored Oct 2, 2023
2 parents a4d1a00 + 76005f7 commit 56fb29f
Show file tree
Hide file tree
Showing 3 changed files with 14 additions and 39 deletions.
35 changes: 0 additions & 35 deletions server/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion server/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,6 @@
"@navikt/arbeidsgiver-notifikasjoner-brukerapi-mock": "6.4.0",
"apollo-server-express": "3.12.1",
"casual": "^1.6.2",
"cookie-parser": "^1.4.6",
"express": "^4.17.3",
"express-http-proxy": "1.6.3",
"http-proxy-middleware": "3.0.0-beta.1",
Expand Down
17 changes: 14 additions & 3 deletions server/server.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import httpProxyMiddleware, {
import { createHttpTerminator } from 'http-terminator';
import Prometheus from 'prom-client';
import { createLogger, format, transports } from 'winston';
import cookieParser from 'cookie-parser';
import { tokenXMiddleware } from './tokenx.js';
import { readFileSync } from 'fs';
import require from './esm-require.js';
Expand Down Expand Up @@ -65,6 +64,13 @@ const log = new Proxy(
}
);

const cookieScraperPlugin = (proxyServer, options) => {
proxyServer.on('proxyReq', (proxyReq, req, res, options) => {
if (proxyReq.getHeader('cookie')) {
proxyReq.removeHeader('cookie');
}
});
};
// copy with mods from http-proxy-middleware https://github.com/chimurai/http-proxy-middleware/blob/master/src/plugins/default/logger-plugin.ts
const loggerPlugin = (proxyServer, options) => {
proxyServer.on('error', (err, req, res, target) => {
Expand Down Expand Up @@ -139,7 +145,6 @@ const main = async () => {
const app = express();
app.disable('x-powered-by');
app.set('views', BUILD_PATH);
app.use(cookieParser());

app.use('/*', (req, res, next) => {
res.setHeader('NAIS_APP_IMAGE', NAIS_APP_IMAGE);
Expand Down Expand Up @@ -198,7 +203,13 @@ const main = async () => {
xfwd: true,
changeOrigin: true,
ejectPlugins: true,
plugins: [debugProxyErrorsPlugin, errorResponsePlugin, loggerPlugin, proxyEventsPlugin],
plugins: [
cookieScraperPlugin,
debugProxyErrorsPlugin,
errorResponsePlugin,
loggerPlugin,
proxyEventsPlugin,
],
};
app.use(
'/min-side-arbeidsgiver/tiltaksgjennomforing-api',
Expand Down

0 comments on commit 56fb29f

Please sign in to comment.