Skip to content

feat: per-service custom User-Agent override for proxy#260

Merged
kaiweijw merged 1 commit intomainfrom
feat/per-service-user-agent
Apr 10, 2026
Merged

feat: per-service custom User-Agent override for proxy#260
kaiweijw merged 1 commit intomainfrom
feat/per-service-user-agent

Conversation

@kaiweijw
Copy link
Copy Markdown
Collaborator

@kaiweijw kaiweijw commented Apr 10, 2026

Summary

  • Adds custom_user_agent: Option<String> to UserService and DownstreamService models
  • When set, overrides the client's User-Agent on outgoing proxy requests; when unset, the client UA passes through unchanged (default)
  • Applied in all four proxy paths: direct HTTP, node HTTP, direct WS, node WS
  • Validated at 256 chars max with control character rejection
  • Exposed on all service update APIs (/user-services, /keys, /services) and the frontend key-detail page

Replaces the global UA replacement approach in #256 with a per-service opt-in override. This avoids breaking downstreams like GitHub (which returns 403 without a valid User-Agent) while still letting users fix WAF-blocked services like the Chrono LLM gateway.

Closes #184
Supersedes #256

Test plan

  • cargo test -- 1356 tests pass (1165 backend + 139 CLI + 52 node-agent)
  • cargo clippy -- clean
  • npm run build (frontend) -- clean
  • npm run lint (frontend) -- no new warnings
  • New test: forward_request_passes_through_user_agent_by_default -- verifies passthrough
  • New test: forward_request_overrides_user_agent_when_service_has_custom -- verifies override
  • Manual: set custom_user_agent on a service via API, verify downstream receives it
  • Manual: verify services without the field still forward client UA unchanged

@kaiweijw
feat: per-service custom User-Agent override for proxy requests
507ce02 
Instead of globally replacing the client User-Agent (which breaks
downstreams like GitHub that validate UA), add an opt-in
custom_user_agent field on UserService and DownstreamService.

When set, the proxy replaces the client UA with the configured value.
When unset (default), the client UA passes through unchanged.

Applied in all four proxy paths: direct HTTP, node HTTP, direct WS,
and node WS. Validated at 256 chars max with control character
rejection. Exposed on all service update APIs and the frontend
key-detail page.

Closes #184
@kaiweijw kaiweijw mentioned this pull request Apr 10, 2026
Closed
3 tasks
@kaiweijw kaiweijw merged commit b3c133f into main Apr 10, 2026
8 checks passed
@kaiweijw kaiweijw deleted the feat/per-service-user-agent branch April 10, 2026 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Proxy forwards OpenAI SDK User-Agent header, causing WAF blocks on downstream endpoints

1 participant

@kaiweijw