From 0f7cf6fdba5fe02a88026cfd2f745f21ae6f5236 Mon Sep 17 00:00:00 2001
From: Marco98 <Marco98@users.noreply.github.com>
Date: Sat, 3 Aug 2024 20:39:25 +0200
Subject: [PATCH] fix: handling multiple cookies

---
 pkg/proxy/handler.go  | 12 +++++++-----
 pkg/proxy/sessions.go | 12 ++++++------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/pkg/proxy/handler.go b/pkg/proxy/handler.go
index d368023..f32890a 100644
--- a/pkg/proxy/handler.go
+++ b/pkg/proxy/handler.go
@@ -94,7 +94,7 @@ func (p *Proxy) proxyRequest(cluster string, host *config.Host, w http.ResponseW
 	req.ContentLength = r.ContentLength
 	p.copyHeaders(r.Header, req.Header)
 	if p.config.PassthroughAuth {
-		if err := p.mangleCookies(cluster, r, req.Header); err != nil {
+		if err := p.mangleCookies(cluster, r, req); err != nil {
 			return err
 		}
 	}
@@ -167,14 +167,16 @@ func (p *Proxy) proxyWebsocket(cluster string, w http.ResponseWriter, r *http.Re
 			InsecureSkipVerify: p.config.TLSIgnoreCert, //nolint:gosec,G402
 		},
 	}
-	bhead := http.Header{}
-	p.copyHeaders(r.Header, bhead)
+	nreq := &http.Request{
+		Header: http.Header{},
+	}
+	p.copyHeaders(r.Header, nreq.Header)
 	if p.config.PassthroughAuth {
-		if err := p.mangleCookies(cluster, r, bhead); err != nil {
+		if err := p.mangleCookies(cluster, r, nreq); err != nil {
 			return err
 		}
 	}
-	bcon, resp, err := dialer.Dial(tgturl.String(), bhead)
+	bcon, resp, err := dialer.Dial(tgturl.String(), nreq.Header)
 	if err != nil {
 		return fmt.Errorf("failed dialing backend: %w", err)
 	}
diff --git a/pkg/proxy/sessions.go b/pkg/proxy/sessions.go
index 8e6c229..635adc2 100644
--- a/pkg/proxy/sessions.go
+++ b/pkg/proxy/sessions.go
@@ -187,16 +187,16 @@ func (p *Proxy) registerSession(log logrus.FieldLogger, sid uuid.UUID, cluster s
 	return nil
 }
 
-func (p *Proxy) mangleCookies(cluster string, r *http.Request, h http.Header) error {
-	h.Del("Cookie")
-	for _, c := range r.Cookies() {
+func (p *Proxy) mangleCookies(cluster string, oreq *http.Request, nreq *http.Request) error {
+	nreq.Header.Del("Cookie")
+	for _, c := range oreq.Cookies() {
 		if c.Name != "PVEAuthCookie" &&
 			c.Name != clusterCookieName &&
 			c.Name != sessionCookieName {
-			h.Add("Cookie", c.String())
+			nreq.AddCookie(c)
 		}
 	}
-	rsid, err := r.Cookie(sessionCookieName)
+	rsid, err := oreq.Cookie(sessionCookieName)
 	if errors.Is(err, http.ErrNoCookie) {
 		return nil
 	}
@@ -217,7 +217,7 @@ func (p *Proxy) mangleCookies(cluster string, r *http.Request, h http.Header) er
 	if !ok {
 		return nil
 	}
-	h.Add("Cookie", c.String())
+	nreq.AddCookie(&c)
 	return nil
 }