From 01f55cf5527a4d7399a8588d62df2a341d382cba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Skyler=20M=C3=A4ntysaari?= Date: Fri, 29 Aug 2025 22:04:33 +0300 Subject: [PATCH] internal/log: Implement logging of HOST when using subrequest auth (#1027) * internal/log: Implement logging of HOST when using subrequest auth The host header wouldn't be set on subrequest auth, so we need to look for X-Forwarded-Host header when logging requests. * chore: add changelog entry --------- Signed-off-by: Xe Iaso Co-authored-by: Xe Iaso --- docs/docs/CHANGELOG.md | 3 ++- internal/log.go | 7 ++++++- internal/log_test.go | 36 ++++++++++++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/docs/docs/CHANGELOG.md b/docs/docs/CHANGELOG.md index 6dcf986..b498668 100644 --- a/docs/docs/CHANGELOG.md +++ b/docs/docs/CHANGELOG.md @@ -7,7 +7,7 @@ sidebar_position: 999 All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).https://bsky.app/profile/xeiaso.net/post/3lxkqbd25hk22 ## [Unreleased] @@ -45,6 +45,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Add a default block rule for Huawei Cloud. - Add a default block rule for Alibaba Cloud. - Add X-Request-URI support so that Subrequest Authentication has path support. +- Add better logging when using Subrequest Authentication. - Two of Slackware's community git repository servers are now poxied by Anubis. - Added support to use Traefik forwardAuth middleware. diff --git a/internal/log.go b/internal/log.go index 2cc32d0..fb2f250 100644 --- a/internal/log.go +++ b/internal/log.go @@ -27,8 +27,13 @@ func InitSlog(level string) { } func GetRequestLogger(base *slog.Logger, r *http.Request) *slog.Logger { + host := r.Host + if host == "" { + host = r.Header.Get("X-Forwarded-Host") + } + return base.With( - "host", r.Host, + "host", host, "method", r.Method, "path", r.URL.Path, "user_agent", r.UserAgent(), diff --git a/internal/log_test.go b/internal/log_test.go index 50bd849..83c9218 100644 --- a/internal/log_test.go +++ b/internal/log_test.go @@ -3,6 +3,8 @@ package internal import ( "bytes" "log" + "log/slog" + "net/http" "strings" "testing" ) @@ -44,3 +46,37 @@ func TestErrorLogFilter(t *testing.T) { } buf.Reset() } + +func TestGetRequestLogger(t *testing.T) { + // Test case 1: Normal request with Host header + req1, _ := http.NewRequest("GET", "http://example.com/test", nil) + req1.Host = "example.com" + + logger := slog.Default() + reqLogger := GetRequestLogger(logger, req1) + + // We can't easily test the actual log output without setting up a test handler, + // but we can verify the function doesn't panic and returns a logger + if reqLogger == nil { + t.Error("GetRequestLogger returned nil") + } + + // Test case 2: Subrequest auth mode with X-Forwarded-Host + req2, _ := http.NewRequest("GET", "http://test.com/auth", nil) + req2.Host = "" + req2.Header.Set("X-Forwarded-Host", "original-site.com") + + reqLogger2 := GetRequestLogger(logger, req2) + if reqLogger2 == nil { + t.Error("GetRequestLogger returned nil for X-Forwarded-Host case") + } + + // Test case 3: No host information available + req3, _ := http.NewRequest("GET", "http://test.com/nohost", nil) + req3.Host = "" + + reqLogger3 := GetRequestLogger(logger, req3) + if reqLogger3 == nil { + t.Error("GetRequestLogger returned nil for no host case") + } +}