URL Rewriting
With a reverse proxy, it is often necessary to rewrite URLs in the proxied content to be consistent with the local path. For example, the local path /qad-webshell/proxy/app is proxied to the remote server https://remote.qad.com/context, and the proxied content contains links similar to the following
<a href="https://remote.qad.com/context/some/cool/api">Click Me!</a>
<a href="/context/some/cool/api">Click Me!</a>
Without rewriting, the first link would try to bypass the proxy and go directly to the remote server. The second link would resolve as:
https://webshell.qad.com/context/some/cool/api
when it should instead be:
https://webshell.qad.com/proxy/app/some/cool/api
The solution to these problems is URL rewriting. Currently, QAD supports rewriting for HTML (html), JavaScript (js), and JSON (json) content. To enable content rewriting with default settings, add the following property with a comma-separated list of rewriters:
qad-webshell.proxy.{name}.rewriters
For example,
qad-webshell.proxy.{name}.rewriters=html,json
HTML Rewriting
Links in HTML can occur in one of the following places:
• Inside an HTML attribute: <a href="URL">
• Inside an HTML event handler: <body onload="load('URL')">
• Inside styles attribute or content: <div style="background-image: url('URL')"> or <style> { background-image: url('URL'); }</style>
• Inside script content: <script>var url = 'URL'</script>
Enabling the HTML rewriter enables only attribute rewriting by default. To enable and configure link, event, style, and script rules, add the following property with a comma-separated list of rewrite options:
qad-webshell.proxy.{name}.rewriters.html
Each option works by applying a set of rewrite mappings to selected content in the HTML document. Each option has the following default behavior.
link
The link option is responsible for rewriting links in HTML attributes. By default, it looks for links in href, src, action, data, and cite attributes. It applies a set of rewrite mappings to those attribute values in the document. Rewrite mappings are either simple mappings that match and replace a given prefix, or regex mappings that perform general match and replace. The default mappings are based on the proxy configuration. For example, suppose proxyFrom=/app, proxyTo=https://remote.qad.com/path, and the webshell context is qad-webshell. Two simple mappings are defined:
/path -> /{context}/proxy/app
https://remote.qad.com/path -> /qad-webshell/proxy/app
event
The event option is responsible for rewriting links in HTML event handlers. By default it looks for links in the following attributes:
• onclick
• ondblclick
• onmousedown
• onmouseup
• onmouseover
• onmousemove
• onmouseout
• onkeypress
• onkeydown
• onkeyup
• onfocus
• onblur
• onload
• onunload
• onsubmit
• onreset
• onselect
• onchange
Because the event handler can contain arbitrary JavaScript, this option uses regex mappings by default to look for links in JavaScript strings. Using the same scenario as in the
link example, suppose proxyFrom=/app, proxyTo=https://remote.qad.com/path, and the webshell context is qad-webshell. The default mappings are defined:
'(?:https://remote\.qad\.com/path|/path)((?:[^'\\]|\\.)*)' -> '/qad-webshell/proxy/app$1'
"(?:https://remote\.qad\.com/path|/path)((?:[^"\\]|\\.)*)" -> "/qad-webshell/proxy/app$1"
style
This option rewrites links in script attributes and script content. By default, it uses the following regex mappings to match CSS URL data types:
url\(\s*'(?:https://remote\.qad\.com/path|/path)((?:[^'\\]|\\.)*)'\s*\) -> url('/qad-webshell/proxy/app$1')
url\(\s*"(?:https://remote\.qad\.com/path|/path)((?:[^"\\]|\\.)*)"\s*\) -> url("/qad-webshell/proxy/app$1")
script
This option rewrites links in script content. By default, it uses the same regular expressions as the
event option.
The default behavior for each of these options can be customized using the following properties.
Script Content Properties
|
Property
|
Description
|
|
qad-webshell.proxy.{name}.rewriters.html.{option}.attributes
|
Comma-separated list of attributes for link and event options. Include ‘default’ in the list to use default attributes in addition to custom ones.
|
|
qad-webshell.proxy.{name}.rewriters.html.{option}.mappings
|
Comma-separated list of mapping types to apply. Current supported values are ‘simple,’ ‘regex,’ and ‘default’
|
|
qad-webshell.proxy.{name}.rewriters.html.{option}.mappings.simple
|
Simple rewrite mappings in pairs separated by spaces. For example,
/path /qad-webshell/proxy/app https://remote.qad.com/path /qad-webshell/proxy/app
|
|
qad-webshell.proxy.{name}.rewriters.html.{option}.mappings.regex
|
Regex mappings in pairs separated by spaces. For example,
'(?:https://remote\.qad\.com/path|/path)((?:[^'\\\\]|\\\\.)*)' '/qad-webshell/proxy/app$1' \"(?:https://remote\.qad\.com/path|/path)((?:[^"\\\\]|\\\\.)*)\" "/qad-webshell/proxy/app$1"
|
Example
In this example, two proxy endpoints are set up:
• /qad-webshell/proxy/configurator -> https://procon-internal.qad.com:16560/procon
• /qad-webshell/proxy/tomcat/ -> https://tomcat-internal.qad.com:22000/
The Tomcat proxy has URL rewriting enabled for HTML links with custom attributes and mappings. The qad-webshell.properties file would look like the following:
qad-webshell.proxy.names=tomcat,configurator
qad-webshell.proxy.configurator.proxyFrom=/configurator
qad-webshell.proxy.configurator.proxyTo=https://procon-internal.qad.com:16560/procon
qad-webshell.proxy.tomcat.proxyFrom=/tomcat/
qad-webshell.proxy.tomcat.proxyTo=https://tomcat-internal.qad.com:22000/
qad-webshell.proxy.tomcat.rewriters=html
qad-webshell.proxy.tomcat.rewriters.html=link
qad-webshell.proxy.tomcat.rewriters.html.link.attributes=href,src,action,value
qad-webshell.proxy.tomcat.rewriters.html.link.mappings=simple
qad-webshell.proxy.tomcat.rewriters.html.link.mappings.simple=/ /qad-webshell/proxy/tomcat/