From 40491ef82f59d0bb47c603117e06eb597447040e Mon Sep 17 00:00:00 2001
From: caowei <cao.wei@99cloud.net>
Date: Sun, 24 Apr 2022 15:36:25 +0800
Subject: [PATCH] Use X-Forwarded-Proto as origin protocol if present

Closes-Bug: #1970083
Change-Id: I88c90bbf03b2b7c5f816926c124ec049d9d82b4f
---
 zun/websocket/websocketproxy.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/zun/websocket/websocketproxy.py b/zun/websocket/websocketproxy.py
index 071f1ae20..5700eefb2 100644
--- a/zun/websocket/websocketproxy.py
+++ b/zun/websocket/websocketproxy.py
@@ -283,6 +283,13 @@ class ZunProxyRequestHandlerBase(object):
             origin = urlparse.urlparse(origin_url)
             origin_hostname = origin.hostname
             origin_scheme = origin.scheme
+            # If the console connection was forwarded by a proxy (example:
+            # haproxy), the original protocol could be contained in the
+            # X-Forwarded-Proto header instead of the Origin header. Prefer the
+            # forwarded protocol if it is present.
+            forwarded_proto = self.headers.get('X-Forwarded-Proto')
+            if forwarded_proto is not None:
+                origin_scheme = forwarded_proto
             if origin_hostname == '' or origin_scheme == '':
                 detail = _("Origin header not valid.")
                 raise exception.ValidationError(detail)