refactor: sanitize all path on the user's proxy (#946)

shuttle-hq · May 31, 2023 · fa0e4e3 · fa0e4e3
1 parent 322b7f6
commit fa0e4e3
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 4 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/gateway/Cargo.toml b/gateway/Cargo.toml
@@ -50,6 +50,7 @@ utoipa = { workspace = true }
 utoipa-swagger-ui = { workspace = true }
 uuid = { workspace = true, features = ["v4"] }
 x509-parser = "0.14.0"
+tower-sanitize-path = "0.1.2"
 
 [dependencies.shuttle-common]
 workspace = true

diff --git a/gateway/src/proxy.rs b/gateway/src/proxy.rs
@@ -25,6 +25,7 @@ use opentelemetry_http::HeaderInjector;
 use shuttle_common::backends::headers::XShuttleProject;
 use tokio::sync::mpsc::Sender;
 use tower::{Service, ServiceBuilder};
+use tower_sanitize_path::SanitizePath;
 use tracing::{debug_span, error, field, trace};
 use tracing_opentelemetry::OpenTelemetrySpanExt;
 
@@ -84,6 +85,18 @@ impl<'r> AsResponderTo<&'r AddrStream> for UserProxy {
     }
 }
 
+impl<S, R> AsResponderTo<R> for SanitizePath<S>
+where
+    S: AsResponderTo<R> + Clone,
+{
+    fn as_responder_to(&self, req: R) -> Self {
+        let responder = self.clone();
+        responder.inner().as_responder_to(req);
+
+        responder
+    }
+}
+
 impl UserProxy {
     async fn proxy(
         self,
@@ -300,12 +313,13 @@ impl UserServiceBuilder {
             .user_binds_to
             .expect("a socket address to bind to is required");
 
-        let user_proxy = UserProxy {
+        let user_proxy = SanitizePath::sanitize_paths(UserProxy {
             gateway: service.clone(),
             task_sender,
             remote_addr: "127.0.0.1:80".parse().unwrap(),
             public: public.clone(),
-        };
+        })
+        .into_make_service();
 
         let bouncer = self.bouncer_binds_to.as_ref().map(|_| Bouncer {
             gateway: service.clone(),
@@ -335,7 +349,7 @@ impl UserServiceBuilder {
 
             let user_with_tls = axum_server::Server::bind(user_binds_to)
                 .acceptor(tls_acceptor)
-                .serve(user_proxy.into_make_service())
+                .serve(user_proxy)
                 .map(|handle| ("user proxy (with TLS)", handle))
                 .boxed();
             futs.push(user_with_tls);
@@ -351,7 +365,7 @@ impl UserServiceBuilder {
             }
 
             let user_without_tls = axum_server::Server::bind(user_binds_to)
-                .serve(user_proxy.into_make_service())
+                .serve(user_proxy)
                 .map(|handle| ("user proxy (no TLS)", handle))
                 .boxed();
             futs.push(user_without_tls);