handle missing headers

2023-07-26 12:47:16 +02:00 · 2023-07-26 12:47:16 +02:00 · 4993758b36
commit 4993758b36
parent c17b103f06
2 changed files with 16 additions and 3 deletions
--- a/pkg/acquisition/modules/waf/waf.go
+++ b/pkg/acquisition/modules/waf/waf.go
@ -591,7 +591,7 @@ func (w *WafSource) wafHandler(rw http.ResponseWriter, r *http.Request) {
 	parsedRequest, err := waf.NewParsedRequestFromRequest(r)
 	if err != nil {
 		log.Errorf("%s", err)
-		rw.WriteHeader(http.StatusForbidden)
+		rw.WriteHeader(http.StatusInternalServerError)
 		return
 	}
 	w.InChan <- parsedRequest
@ -600,7 +600,7 @@ func (w *WafSource) wafHandler(rw http.ResponseWriter, r *http.Request) {

 	if message.Err != nil {
 		log.Errorf("Error while processing InBAND: %s", err)
-		rw.WriteHeader(http.StatusOK)
+		rw.WriteHeader(http.StatusInternalServerError)
 		return
 	}

@ -622,7 +622,8 @@ func (w *WafSource) wafHandler(rw http.ResponseWriter, r *http.Request) {
 	rw.WriteHeader(http.StatusOK)
 	body, err := json.Marshal(BodyResponse{Action: "allow"})
 	if err != nil {
-		log.Errorf("unable to build response: %s", err)
+		log.Errorf("unable to marshal response: %s", err)
+		rw.WriteHeader(http.StatusInternalServerError)
 	} else {
 		rw.Write(body)
 	}
--- a/pkg/waf/request.go
+++ b/pkg/waf/request.go
@ -85,12 +85,24 @@ func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {

 	// the real source of the request is set in 'x-client-ip'
 	clientIP := r.Header.Get(IPHeaderName)
+	if clientIP == "" {
+		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", IPHeaderName)
+	}
 	// the real target Host of the request is set in 'x-client-host'
 	clientHost := r.Header.Get(HostHeaderName)
+	if clientHost == "" {
+		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", HostHeaderName)
+	}
 	// the real URI of the request is set in 'x-client-uri'
 	clientURI := r.Header.Get(URIHeaderName)
+	if clientURI == "" {
+		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", URIHeaderName)
+	}
 	// the real VERB of the request is set in 'x-client-uri'
 	clientMethod := r.Header.Get(VerbHeaderName)
+	if clientMethod == "" {
+		return ParsedRequest{}, fmt.Errorf("Missing '%s' header", VerbHeaderName)
+	}

 	// delete those headers before coraza process the request
 	delete(r.Header, IPHeaderName)