You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2020/09/07 11:01:09 UTC

[GitHub] [nifi-minifi-cpp] szaszm commented on a change in pull request #897: MINIFICPP-1357 Implement and test proxy handling in InvokeHTTP

szaszm commented on a change in pull request #897:
URL: https://github.com/apache/nifi-minifi-cpp/pull/897#discussion_r484344801



##########
File path: docker/test/integration/test_http.py
##########
@@ -34,3 +33,26 @@ def test_invoke_listen():
         cluster.deploy_flow(invoke_flow, name='minifi-invoke')
 
         assert cluster.check_output()
+
+def test_invoke_listen_with_proxy():
+    """
+    Verify sending through a proxy using InvokeHTTP to a receiver using ListenHTTP.
+    """
+    invoke_flow = (GetFile('/tmp/input')
+                   >> LogAttribute()
+                   >> InvokeHTTP('http://minifi-listen:8080/contentListener',
+                                 method='POST',
+                                 proxy_host='http-proxy',
+                                 proxy_port='3128',
+                                 proxy_username='admin',
+                                 proxy_password='test101'))
+
+    listen_flow = ListenHTTP(8080) >> LogAttribute() >> PutFile('/tmp/output')
+
+    with DockerTestCluster(SingleFileOutputValidator('test')) as cluster:
+        cluster.put_test_data('test')
+        cluster.deploy_flow(None, engine='http-proxy')
+        cluster.deploy_flow(listen_flow, name='minifi-listen')
+        cluster.deploy_flow(invoke_flow, name='minifi-invoke')
+
+        assert cluster.check_output()

Review comment:
       Do we have a way to verify that the traffic really went through the proxy and didn't bypass it like before this PR?

##########
File path: libminifi/include/utils/ByteArrayCallback.h
##########
@@ -57,6 +57,7 @@ class ByteInputCallBack : public InputStreamCallback {
   }
 
   virtual void seek(size_t pos) {
+    ptr = &vec[pos];

Review comment:
       What's the purpose of this change? I think this may break `getBuffer`.

##########
File path: extensions/http-curl/processors/InvokeHTTP.h
##########
@@ -155,8 +155,10 @@ class InvokeHTTP : public core::Processor {
   bool use_chunked_encoding_{false};
   // penalize on no retry
   bool penalize_no_retry_{false};
-  // disable peer verification ( makes susceptible for MITM attacks )
-  bool disable_peer_verification_{false};
+  bool disable_peer_verification_{false}; // ( makes susceptible for MITM attacks )
+  bool follow_redirects_{true};

Review comment:
       I think `follow_redirects_` is unused




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org