Lazily read ForwardedHeaders_Enabled config at starup

halter73 · halter73 · commit 31a33027e4e0 · 2021-07-27T17:15:43.000-07:00
diff --git a/src/DefaultBuilder/src/ForwardedHeadersOptionsSetup.cs b/src/DefaultBuilder/src/ForwardedHeadersOptionsSetup.cs
@@ -0,0 +1,34 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.HttpOverrides;
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.Options;
+
+namespace Microsoft.AspNetCore
+{
+    internal class ForwardedHeadersOptionsSetup : IConfigureOptions<ForwardedHeadersOptions>
+    {
+        private readonly IConfiguration _configuration;
+
+        public ForwardedHeadersOptionsSetup(IConfiguration configuration)
+        {
+            _configuration = configuration;
+        }
+
+        public void Configure(ForwardedHeadersOptions options)
+        {
+            if (!string.Equals("true", _configuration["ForwardedHeaders_Enabled"], StringComparison.OrdinalIgnoreCase))
+            {
+                return;
+            }
+
+            options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
+            // Only loopback proxies are allowed by default. Clear that restriction because forwarders are
+            // being enabled by explicit configuration.
+            options.KnownNetworks.Clear();
+            options.KnownProxies.Clear();
+        }
+    }
+}
diff --git a/src/DefaultBuilder/src/ForwardedHeadersStartupFilter.cs b/src/DefaultBuilder/src/ForwardedHeadersStartupFilter.cs
@@ -4,13 +4,26 @@
 using System;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.Extensions.Configuration;
 
 namespace Microsoft.AspNetCore
 {
     internal class ForwardedHeadersStartupFilter : IStartupFilter
     {
+        private readonly IConfiguration _configuration;
+
+        public ForwardedHeadersStartupFilter(IConfiguration configuration)
+        {
+            _configuration = configuration;
+        }
+
         public Action<IApplicationBuilder> Configure(Action<IApplicationBuilder> next)
         {
+            if (!string.Equals("true", _configuration["ForwardedHeaders_Enabled"], StringComparison.OrdinalIgnoreCase))
+            {
+                return next;
+            }
+
             return app =>
             {
                 app.UseForwardedHeaders();
diff --git a/src/DefaultBuilder/src/WebHost.cs b/src/DefaultBuilder/src/WebHost.cs
@@ -243,20 +243,8 @@ internal static void ConfigureWebDefaults(IWebHostBuilder builder)
                             new ConfigurationChangeTokenSource<HostFilteringOptions>(hostingContext.Configuration));
 
                 services.AddTransient<IStartupFilter, HostFilteringStartupFilter>();
-
-                if (string.Equals("true", hostingContext.Configuration["ForwardedHeaders_Enabled"], StringComparison.OrdinalIgnoreCase))
-                {
-                    services.Configure<ForwardedHeadersOptions>(options =>
-                    {
-                        options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
-                        // Only loopback proxies are allowed by default. Clear that restriction because forwarders are
-                        // being enabled by explicit configuration.
-                        options.KnownNetworks.Clear();
-                        options.KnownProxies.Clear();
-                    });
-
-                    services.AddTransient<IStartupFilter, ForwardedHeadersStartupFilter>();
-                }
+                services.AddTransient<IStartupFilter, ForwardedHeadersStartupFilter>();
+                services.AddTransient<IConfigureOptions<ForwardedHeadersOptions>, ForwardedHeadersOptionsSetup>();
 
                 services.AddRouting();
             })
