fix: [ocisdev-266] code scan #27

Author: mklos-kw

services/proxy/pkg/command/server.go

@@ -333,7 +333,7 @@ func loadMiddlewares(logger log.Logger, cfg *config.Config,
 		chimiddleware.RequestID,
 		middleware.AccessLog(logger),
 		middleware.ContextLogger(logger),
-		middleware.HTTPSRedirect,
+		middleware.HTTPSRedirect(cfg.Commons.OcisURL),
 		middleware.Security(cspConfig),
 		router.Middleware(serviceSelector, cfg.PolicySelector, cfg.Policies, logger),
 		middleware.Authentication(

services/proxy/pkg/middleware/https_redirect.go

@@ -1,19 +1,38 @@
 package middleware
 
 import (
-	"fmt"
 	"net/http"
+	"net/url"
+	"strings"
 )
 
-// HTTPSRedirect redirects insecure requests to https
-func HTTPSRedirect(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
-		proto := req.Header.Get("x-forwarded-proto")
-		if proto == "http" || proto == "HTTP" {
-			http.Redirect(res, req, fmt.Sprintf("https://%s%s", req.Host, req.URL), http.StatusPermanentRedirect)
-			return
+// HTTPSRedirect creates middleware that redirects insecure requests to HTTPS using a trusted base URL.
+func HTTPSRedirect(trustedBaseURL string) func(http.Handler) http.Handler {
+	var trustedHost string
+	if trustedBaseURL != "" {
+		if u, err := url.Parse(trustedBaseURL); err == nil {
+			trustedHost = u.Host
 		}
+	}
 
-		next.ServeHTTP(res, req)
-	})
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
+			proto := req.Header.Get("x-forwarded-proto")
+			if proto == "http" || proto == "HTTP" {
+				if strings.TrimSpace(trustedHost) != "" {
+					target := &url.URL{
+						Scheme:   "https",
+						Host:     trustedHost,
+						Path:     req.URL.Path,
+						RawQuery: req.URL.RawQuery,
+					}
+					http.Redirect(res, req, target.String(), http.StatusPermanentRedirect)
+					return
+				}
+				// No trusted host configured; do not perform a redirect
+			}
+
+			next.ServeHTTP(res, req)
+		})
+	}
 }

services/proxy/pkg/middleware/https_redirect_test.go

@@ -0,0 +1,27 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"gotest.tools/v3/assert"
+)
+
+func TestHTTPSRedirect_UsesTrustedHost(t *testing.T) {
+	downstream := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+	})
+	mw := HTTPSRedirect("https://trusted.ocis.local")(downstream)
+
+	req := httptest.NewRequest(http.MethodGet, "/foo?bar=1", nil)
+	req.Host = "non-trusted.example"
+	req.Header.Set("X-Forwarded-Proto", "http")
+
+	rr := httptest.NewRecorder()
+	mw.ServeHTTP(rr, req)
+
+	assert.Equal(t, rr.Code, http.StatusPermanentRedirect)
+	location := rr.Header().Get("Location")
+	assert.Equal(t, location, "https://trusted.ocis.local/foo?bar=1")
+}