fix: proxy web device resources transparently

2026-05-15 11:12:27 +08:00
parent bd49486304
commit 7498960ba3
4 changed files with 146 additions and 15 deletions
--- a/internal/webdevice/proxy_test.go
+++ b/internal/webdevice/proxy_test.go
@@ -46,6 +46,24 @@ func TestRewriteText(t *testing.T) {
 	}
 }

+func TestRewriteTextRewritesScriptAbsoluteURLs(t *testing.T) {
+	t.Parallel()
+
+	targetURL, _ := url.Parse("http://192.168.1.124:80")
+	body := `window.location.href="/doc/page/login.asp";fetch("/ISAPI/System/time")`
+	got := RewriteText(body, "/proxy/web/192.168.1.124", targetURL, "application/javascript")
+
+	if !strings.Contains(got, `"/proxy/web/192.168.1.124/doc/page/login.asp"`) {
+		t.Fatalf("script missing rewritten login URL: %s", got)
+	}
+	if !strings.Contains(got, `"/proxy/web/192.168.1.124/ISAPI/System/time"`) {
+		t.Fatalf("script missing rewritten API URL: %s", got)
+	}
+	if strings.Contains(got, "data-web-proxy-runtime") {
+		t.Fatalf("script should not receive HTML runtime: %s", got)
+	}
+}
+
 func TestProxyHTTPRejectsUnscannedIP(t *testing.T) {
 	t.Parallel()

@@ -137,6 +155,7 @@ func TestSanitizeProxyRequestHeaderDropsLoginCookie(t *testing.T) {
 	source.Set("Referer", "http://10.8.0.18:13000/proxy/web/192.168.0.108/")
 	source.Set("Sessiontag", "abc123")
 	source.Set("If-Modified-Since", "0")
+	source.Set("Accept-Encoding", "gzip, deflate")
 	source.Set("X-Forwarded-For", "10.8.0.1")

 	loginHeader := sanitizeProxyRequestHeader(source, "/doc/page/login.asp")
@@ -149,6 +168,9 @@ func TestSanitizeProxyRequestHeaderDropsLoginCookie(t *testing.T) {
 	if got := loginHeader.Get("X-Forwarded-For"); got != "" {
 		t.Fatalf("login X-Forwarded-For = %q, want empty", got)
 	}
+	if got := loginHeader.Get("Accept-Encoding"); got != "" {
+		t.Fatalf("login Accept-Encoding = %q, want empty", got)
+	}
 	if got := loginHeader.Get("Sessiontag"); got != "abc123" {
 		t.Fatalf("login Sessiontag = %q, want abc123", got)
 	}
@@ -164,3 +186,27 @@ func TestSanitizeProxyRequestHeaderDropsLoginCookie(t *testing.T) {
 		t.Fatalf("api If-Modified-Since = %q, want 0", got)
 	}
 }
+
+func TestSanitizeProxyRequestHeaderPreservesWebSocketUpgrade(t *testing.T) {
+	source := http.Header{}
+	source.Set("User-Agent", "browser")
+	source.Set("Connection", "keep-alive, Upgrade")
+	source.Set("Upgrade", "websocket")
+	source.Set("Sec-Websocket-Key", "abc")
+	source.Set("Sec-Websocket-Version", "13")
+	source.Set("Accept-Encoding", "gzip")
+
+	header := sanitizeProxyRequestHeader(source, "/webSocket")
+	if got := header.Get("Connection"); got != "Upgrade" {
+		t.Fatalf("Connection = %q, want Upgrade", got)
+	}
+	if got := header.Get("Upgrade"); got != "websocket" {
+		t.Fatalf("Upgrade = %q, want websocket", got)
+	}
+	if got := header.Get("Sec-Websocket-Key"); got != "abc" {
+		t.Fatalf("Sec-Websocket-Key = %q, want abc", got)
+	}
+	if got := header.Get("Accept-Encoding"); got != "" {
+		t.Fatalf("Accept-Encoding = %q, want empty", got)
+	}
+}