Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-4632: Add the local hostname to the list of validated host headers 

This closes #2288.

Signed-off-by: Andy LoPresto <alopresto.apache@gmail.com>
This commit is contained in:
Mark Payne 2017-11-22 09:56:09 -05:00 committed by Andy LoPresto
parent 6169061456
commit cec2764140
No known key found for this signature in database
GPG Key ID: 6EC293152D90B61D
2 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/HostHeaderHandler.java
View File

@ -18,6 +18,7 @@ package org.apache.nifi.web.server;
import java.io.IOException; import java.io.IOException;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.net.InetAddress;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@ -60,6 +61,12 @@ public class HostHeaderHandler extends ScopedHandler {
validHosts.add("localhost:" + serverPort); validHosts.add("localhost:" + serverPort);
// Different from customizer -- empty is ok here // Different from customizer -- empty is ok here
validHosts.add(""); validHosts.add("");
try {
validHosts.add(InetAddress.getLocalHost().getHostName());
validHosts.add(InetAddress.getLocalHost().getHostName() + ":" + serverPort);
} catch (final Exception e) {
logger.warn("Failed to determine local hostname.", e);
}
logger.info("Created " + this.toString()); logger.info("Created " + this.toString());
} }

7
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/HostHeaderSanitizationCustomizer.java
View File

@ -16,6 +16,7 @@
*/ */
package org.apache.nifi.web.server; package org.apache.nifi.web.server;
import java.net.InetAddress;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Objects; import java.util.Objects;
@ -53,6 +54,12 @@ public class HostHeaderSanitizationCustomizer implements HttpConfiguration.Custo
// Sometimes the hostname is left empty but the port is always populated // Sometimes the hostname is left empty but the port is always populated
validHosts.add("localhost"); validHosts.add("localhost");
validHosts.add("localhost:" + serverPort); validHosts.add("localhost:" + serverPort);
try {
validHosts.add(InetAddress.getLocalHost().getHostName());
validHosts.add(InetAddress.getLocalHost().getHostName() + ":" + serverPort);
} catch (final Exception e) {
logger.warn("Failed to determine local hostname.", e);
}
logger.info("Created " + this.toString()); logger.info("Created " + this.toString());
} }