Client Update v0.9.17

Published at July 21, 2020 ·  2 min read

Share on:

This update includes a bug fix for secure redirection, HTTP->HTTPS, that affected traffic on wildcard domains when subsequent HTTP requests utilized POST/PUT/DELETE requests.

Technical Details

For some more background on this defect, the HTTP requests that pass through Hubs, our edge server software, is updated to included X-Forward-X headers. These header fields are processed by a “forwarder” and “secure-redirect” HTTP handler in the Packetriot client.

The forwarder will attempt to set the X-Forwarded-For flag when possible if they were not present (e.g. req.TLS != nil). The secure-redirect handler would check for the X-Forwarded-For and value “https”. When not found it would redirect.

Traffic on wildcard domains would be missing the X-Forwarded-Proto headers in subsequent HTTP traffic which would trigger unnecessary redirects since the relay connection was established between our server and the Packetriot client.

This caused issues when those requests were POST and could break web applications.

The Fix

Our solution introduced a “session” object that help the client track connections between the HTTP request requests that traverse through a chain of handlers. With the session a handler can save in the session that it checked the connection previously and met its requirements to continue down the chain.

Sorry for any issues or headaches this caused. The updates can be found on our download page.

p.s. we are beginning to add some preliminary support for deploying our macOS client using brew. You can that out using the following commands:

[user@host ] brew install packetriot/homebrew-tools/pktriot

# update the client
[user@host ] brew upgrade packetriot/homebrew-tools/pktriot