Merge pull request #58 from deflect-ca/bug/url-encode-dsc

Bug Fixed For URL Encoded Session ID

internal/session_cookie.go

@@ -153,8 +153,7 @@ func sessionCookieEndPoint(c *gin.Context, config *Config) error {
 
 func attachSessionCookie(c *gin.Context, config *Config, dsc string, dsc_new bool) {
 	if dsc_new {
-		urlEncodedDsc := url.QueryEscape(dsc)
-		c.SetCookie(SessionCookieName, urlEncodedDsc, config.SessionCookieTtlSeconds, "/", "", false, true)
+		c.SetCookie(SessionCookieName, dsc, config.SessionCookieTtlSeconds, "/", "", false, true)
 	}
 	// for nginx log
 	c.Header("X-Deflect-Session", dsc)

supporting-containers/nginx/nginx.conf

@@ -97,6 +97,7 @@ http {
         location ~* \.(css|js|json|png|gif|ico|jpg|jpeg|svg|ttf|woff|woff2)$ {
             set $loc_in "static_file";
             set $loc_out "static_file";
+            set $deflect_session "$cookie_deflect_session";
             proxy_pass http://test-origin:8080;
         }
 
@@ -125,7 +126,7 @@ http {
         location @access_granted {
             set $loc_out "access_granted";
             set $banjax_decision "$upstream_http_x_banjax_decision";
-            set $deflect_session "$upstream_http_x_deflect_session";
+            set $deflect_session "$cookie_deflect_session";
             set $deflect_session_new "$upstream_http_x_deflect_session_new";
             add_header X-Banjax-Decision $banjax_decision;
             proxy_pass http://test-origin:8080;

supporting-containers/test-origin/Dockerfile

@@ -1,6 +1,6 @@
 # Copyright (c) 2020, eQualit.ie inc.
 # All rights reserved.
-# 
+#
 # This source code is licensed under the BSD-style license found in the
 # LICENSE file in the root directory of this source tree.
 
@@ -9,9 +9,11 @@ FROM golang:1.17.0-buster
 RUN go get -u github.com/gin-gonic/[email protected]
 
 RUN mkdir -p /opt/hello-world
+RUN mkdir -p /opt/hello-world/assets
 COPY ./hello-world.go /opt/hello-world/
 COPY ./go.mod /opt/hello-world/
 COPY ./go.sum /opt/hello-world/
+COPY ./assets/deflect_100.png /opt/hello-world/assets
 
 EXPOSE 8080
 

supporting-containers/test-origin/hello-world.go

@@ -7,19 +7,27 @@
 package main
 
 import (
-	"github.com/gin-gonic/gin"
 	"time"
+
+	"github.com/gin-gonic/gin"
 )
 
 func main() {
 	r := gin.Default()
+	r.Static("/assets", "./assets")
 	r.GET("/hello", func(c *gin.Context) {
-	    c.String(200, "hello!\n")
-    })
+		c.String(200, "hello!\n")
+	})
 	r.NoRoute(func(c *gin.Context) {
-		// c.Header("Cache-Control", "no-cache")
-		c.Header("Cache-Control", "public,max-age=30")
-		c.String(404, "you requested %s at %s\n", c.Request.URL.Path, time.Now().UTC().Format("15:04:05"))
+		c.Header("Cache-Control", "no-cache")
+		c.Header("Content-Type", "text/html; charset=utf-8")
+		// c.Header("Cache-Control", "public,max-age=30")
+		var page string = "<html><head><title>Banjax test-origin</title>"
+		page = page + "<style>body{padding: 2em;background-color:rgb(236, 236, 226);}</style></head>"
+		page = page + "<body><img src=\"assets/deflect_100.png\">"
+		page = page + "<h1>Requested URL: " + c.Request.URL.Path + "</h1>"
+		page = page + "Banjax test-origin @ " + time.Now().UTC().Format("15:04:05") + " UTC+0</body>"
+		c.String(404, page)
 	})
 	r.Run("0.0.0.0:8080")
 }