use gorilla/handlers.ProxyHeaders to get the X-Forwarded-* headers and set them in the appropriate http.Request fields

1 files changed, 60 insertions, 0 deletions

diff --git a/app_test.go b/app_test.go
new file mode 100644
index 00000000..d78d6737
--- /dev/null
+++ b/app_test.go
@@ -0,0 +1,60 @@
+package main
+
+import (
+	"crypto/tls"
+	"fmt"
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/require"
+
+	"gitlab.com/gitlab-org/gitlab-pages/internal/request"
+)
+
+func Test_setRequestScheme(t *testing.T) {
+	tests := []struct {
+		name           string
+		r              *http.Request
+		expectedScheme string
+	}{
+		{
+			name:           "http",
+			r:              newGetRequestWithScheme(t, request.SchemeHTTP, false),
+			expectedScheme: request.SchemeHTTP,
+		},
+		{
+			name:           "https",
+			r:              newGetRequestWithScheme(t, request.SchemeHTTPS, true),
+			expectedScheme: request.SchemeHTTPS,
+		},
+		{
+			name:           "empty_scheme_no_tls",
+			r:              newGetRequestWithScheme(t, "", false),
+			expectedScheme: request.SchemeHTTP,
+		},
+		{
+			name:           "empty_scheme_with_tls",
+			r:              newGetRequestWithScheme(t, "", true),
+			expectedScheme: request.SchemeHTTPS,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := setRequestScheme(tt.r)
+			require.Equal(t, got.URL.Scheme, tt.expectedScheme)
+		})
+	}
+}
+
+func newGetRequestWithScheme(t *testing.T, scheme string, withTLS bool) *http.Request {
+	t.Helper()
+
+	req, err := http.NewRequest("GET", fmt.Sprintf("%s//localost/", scheme), nil)
+	require.NoError(t, err)
+	req.URL.Scheme = scheme
+	if withTLS {
+		req.TLS = &tls.ConnectionState{}
+	}
+
+	return req
+}