fix: preserve web device session headers

2026-05-15 03:08:57 +08:00
parent 1114ee00c1
commit bd49486304
2 changed files with 39 additions and 11 deletions
--- a/internal/webdevice/proxy.go
+++ b/internal/webdevice/proxy.go
@@ -151,10 +151,12 @@ func shouldRetryProxyRequest(req *http.Request, err error) bool {
 }

 func sanitizeProxyRequestHeader(source http.Header, upstreamPath string) http.Header {
-	header := make(http.Header)
-	copyHeaderValue(header, source, "Accept")
-	copyHeaderValue(header, source, "Content-Type")
-	copyHeaderValue(header, source, "Authorization")
+	header := source.Clone()
+	for key := range header {
+		if isProxyManagedHeader(key) {
+			header.Del(key)
+		}
+	}

 	userAgent := strings.TrimSpace(source.Get("User-Agent"))
 	if userAgent == "" {
@@ -164,17 +166,32 @@ func sanitizeProxyRequestHeader(source http.Header, upstreamPath string) http.He
 	header.Set("Connection", "close")

 	if !isLoginPagePath(upstreamPath) {
-		copyHeaderValue(header, source, "Cookie")
+		return header
 	}
+	header.Del("Cookie")
+	header.Del("Referer")
 	return header
 }

-func copyHeaderValue(target, source http.Header, key string) {
-	if value := source.Values(key); len(value) > 0 {
-		target.Del(key)
-		for _, item := range value {
-			target.Add(key, item)
-		}
+func isProxyManagedHeader(key string) bool {
+	switch http.CanonicalHeaderKey(key) {
+	case "Connection",
+		"Proxy-Connection",
+		"Keep-Alive",
+		"Transfer-Encoding",
+		"Upgrade",
+		"Te",
+		"Trailer",
+		"Proxy-Authenticate",
+		"Proxy-Authorization",
+		"Forwarded",
+		"X-Forwarded-For",
+		"X-Forwarded-Host",
+		"X-Forwarded-Proto",
+		"X-Real-Ip":
+		return true
+	default:
+		return false
 	}
 }