From bcea6027e925f8abd513bed60a52da75f20c1509 Mon Sep 17 00:00:00 2001
From: "nicolas.dorier" <nicolas.dorier@gmail.com>
Date: Mon, 4 Mar 2019 20:48:19 +0900
Subject: [PATCH] Replace Forwarded Headers via ASP.NET Core middleware

---
 BTCPayServer/Hosting/BTCpayMiddleware.cs | 53 ------------------------
 BTCPayServer/Hosting/Startup.cs          |  6 ++-
 2 files changed, 5 insertions(+), 54 deletions(-)

diff --git a/BTCPayServer/Hosting/BTCpayMiddleware.cs b/BTCPayServer/Hosting/BTCpayMiddleware.cs
index 82b03040f..b3ff43b08 100644
--- a/BTCPayServer/Hosting/BTCpayMiddleware.cs
+++ b/BTCPayServer/Hosting/BTCpayMiddleware.cs
@@ -32,8 +32,6 @@ namespace BTCPayServer.Hosting
 
         public async Task Invoke(HttpContext httpContext)
         {
-            RewriteHostIfNeeded(httpContext);
-
             try
             {
                 var bitpayAuth = GetBitpayAuth(httpContext, out bool isBitpayAuth);
@@ -125,57 +123,6 @@ namespace BTCPayServer.Hosting
             return false;
         }
 
-        private void RewriteHostIfNeeded(HttpContext httpContext)
-        {
-            string reverseProxyScheme = null;
-            if (httpContext.Request.Headers.TryGetValue("X-Forwarded-Proto", out StringValues proto))
-            {
-                var scheme = proto.SingleOrDefault();
-                if (scheme != null)
-                {
-                    reverseProxyScheme = scheme;
-                }
-            }
-
-            ushort? reverseProxyPort = null;
-            if (httpContext.Request.Headers.TryGetValue("X-Forwarded-Port", out StringValues port))
-            {
-                var portString = port.SingleOrDefault();
-                if (portString != null && ushort.TryParse(portString, out ushort pp))
-                {
-                    reverseProxyPort = pp;
-                }
-            }
-
-            // NGINX pass X-Forwarded-Proto and X-Forwarded-Port, so let's use that to have better guess of the real domain
-
-            ushort? p = null;
-            if (reverseProxyScheme != null)
-            {
-                httpContext.Request.Scheme = reverseProxyScheme;
-                if (reverseProxyScheme == "http")
-                    p = 80;
-                if (reverseProxyScheme == "https")
-                    p = 443;
-            }
-
-            if (reverseProxyPort != null)
-            {
-                p = reverseProxyPort.Value;
-            }
-
-            if (p.HasValue)
-            {
-                bool isDefault = httpContext.Request.Scheme == "http" && p.Value == 80;
-                isDefault |= httpContext.Request.Scheme == "https" && p.Value == 443;
-                if (isDefault)
-                    httpContext.Request.Host = new HostString(httpContext.Request.Host.Host);
-                else
-                    httpContext.Request.Host = new HostString(httpContext.Request.Host.Host, p.Value);
-            }
-
-        }
-
         private static async Task HandleBitpayHttpException(HttpContext httpContext, BitpayHttpException ex)
         {
             httpContext.Response.StatusCode = ex.StatusCode;
diff --git a/BTCPayServer/Hosting/Startup.cs b/BTCPayServer/Hosting/Startup.cs
index c463509cb..2f89e4ff9 100644
--- a/BTCPayServer/Hosting/Startup.cs
+++ b/BTCPayServer/Hosting/Startup.cs
@@ -17,6 +17,7 @@ using Microsoft.AspNetCore.Mvc.Infrastructure;
 using BTCPayServer.Services;
 using BTCPayServer.Models;
 using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.HttpOverrides;
 using BTCPayServer.Data;
 using Microsoft.Extensions.Logging;
 using BTCPayServer.Logging;
@@ -158,7 +159,10 @@ namespace BTCPayServer.Hosting
             {
                 app.UseDeveloperExceptionPage();
             }
-
+            app.UseForwardedHeaders(new ForwardedHeadersOptions()
+            {
+                ForwardedHeaders = ForwardedHeaders.All
+            });
             app.UseCors();
             app.UsePayServer();
             app.UseStaticFiles();