Eclipse
/
jetty.project
mirror of https://github.com/jetty/jetty.project.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Tests #4573 X-Forwarded ordering 

Added tests for header ordering
fixed cut-and-paste error of _for to _host

Signed-off-by: Greg Wilkins <gregw@webtide.com>
This commit is contained in:
Greg Wilkins 2020-02-16 11:04:34 +01:00
parent aaf6f17766
commit 652428ad70
2 changed files with 58 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java
View File

@ -589,13 +589,14 @@ public class ForwardedRequestCustomizer implements Customizer
}
}
@SuppressWarnings("unused")
public void handleHost(HttpField field)
{
if (getForwardedPortAsAuthority() && !StringUtil.isEmpty(getForwardedPortHeader()))
{
if (_host == null)
_host = new PossiblyPartialHostPort(getLeftMost(field.getValue()));
else if (_for instanceof PortSetHostPort)
else if (_host instanceof PortSetHostPort)
_host = new HostPort(HostPort.normalizeHost(getLeftMost(field.getValue())), _host.getPort());
}
else if (_host == null)

56
jetty-server/src/test/java/org/eclipse/jetty/server/ForwardedRequestCustomizerTest.java
View File

@ -397,6 +397,34 @@ public class ForwardedRequestCustomizerTest
.requestURL("http://myhost:4444/")
.remoteAddr("192.168.1.200").remotePort(0)
),
Arguments.of(new Request("X-Forwarded-* (all headers except server)")
.headers(
"GET / HTTP/1.1",
"Host: myhost",
"X-Forwarded-Proto: https",
"X-Forwarded-Host: www.example.com",
"X-Forwarded-Port: 4333",
"X-Forwarded-For: 8.5.4.3:2222"
),
new Expectations()
.scheme("https").serverName("www.example.com").serverPort(4333)
.requestURL("https://www.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
Arguments.of(new Request("X-Forwarded-* (all headers except server, port first)")
.headers(
"GET / HTTP/1.1",
"Host: myhost",
"X-Forwarded-Proto: https",
"X-Forwarded-Port: 4333",
"X-Forwarded-Host: www.example.com",
"X-Forwarded-For: 8.5.4.3:2222"
),
new Expectations()
.scheme("https").serverName("www.example.com").serverPort(4333)
.requestURL("https://www.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
Arguments.of(new Request("X-Forwarded-* (all headers)")
.headers(
"GET / HTTP/1.1",
@ -427,6 +455,21 @@ public class ForwardedRequestCustomizerTest
.requestURL("https://www.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
Arguments.of(new Request("X-Forwarded-* (all headers reversed)")
.headers(
"GET / HTTP/1.1",
"Host: myhost",
"X-Forwarded-Server: fw.example.com",
"X-Forwarded-For: 8.5.4.3:2222",
"X-Forwarded-Port: 4333",
"X-Forwarded-Host: www.example.com",
"X-Forwarded-Proto: https"
),
new Expectations()
.scheme("https").serverName("www.example.com").serverPort(4333)
.requestURL("https://www.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
Arguments.of(new Request("X-Forwarded-* (Server and Port)")
.headers(
"GET / HTTP/1.1",
@ -440,6 +483,19 @@ public class ForwardedRequestCustomizerTest
.requestURL("http://fw.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
Arguments.of(new Request("X-Forwarded-* (Port and Server)")
.headers(
"GET / HTTP/1.1",
"Host: myhost",
"X-Forwarded-Port: 4333",
"X-Forwarded-For: 8.5.4.3:2222",
"X-Forwarded-Server: fw.example.com"
),
new Expectations()
.scheme("http").serverName("fw.example.com").serverPort(4333)
.requestURL("http://fw.example.com:4333/")
.remoteAddr("8.5.4.3").remotePort(2222)
),
// =================================================================
// Mixed Behavior