From 803a45b43beda48aa9f399cb2e437d55365c31da Mon Sep 17 00:00:00 2001
From: "alexey.barsov" <alexey.barsov@jetbrains.com>
Date: Fri, 1 Feb 2019 15:38:33 +0100
Subject: [PATCH] Issue #3302 Supporting host:ip in X-Forwarded-For (fixing
 review remarks)

Signed-off-by: alexey.barsov <alexey.barsov@jetbrains.com>
---
 .../server/ForwardedRequestCustomizer.java    | 35 +++++++++++--------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java b/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java
index c4761c49efa..bb37dd2a2fc 100644
--- a/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java
+++ b/jetty-server/src/main/java/org/eclipse/jetty/server/ForwardedRequestCustomizer.java
@@ -31,6 +31,8 @@ import org.eclipse.jetty.http.QuotedCSV;
 import org.eclipse.jetty.server.HttpConfiguration.Customizer;
 import org.eclipse.jetty.util.HostPort;
 import org.eclipse.jetty.util.StringUtil;
+import org.eclipse.jetty.util.log.Log;
+import org.eclipse.jetty.util.log.Logger;
 
 
 /* ------------------------------------------------------------ */
@@ -55,6 +57,8 @@ import org.eclipse.jetty.util.StringUtil;
  */
 public class ForwardedRequestCustomizer implements Customizer
 {
+    private static final Logger LOG = Log.getLogger(ForwardedRequestCustomizer.class);
+
     private HostPortHttpField _forcedHost;
     private String _forwardedHeader = HttpHeader.FORWARDED.toString();
     private String _forwardedHostHeader = HttpHeader.X_FORWARDED_HOST.toString();
@@ -298,7 +302,7 @@ public class ForwardedRequestCustomizer implements Customizer
         RFC7239 rfc7239 = null;
         String forwardedHost = null;
         String forwardedServer = null;
-        String forwardedFor = null;
+        HostPort forwardedFor = null;
         String forwardedProto = null;
         String forwardedHttps = null;
         
@@ -390,7 +394,7 @@ public class ForwardedRequestCustomizer implements Customizer
         }
         else if (forwardedFor != null)
         {
-            request.setRemoteAddr(InetSocketAddress.createUnresolved(forwardedFor,request.getRemotePort()));
+            request.setRemoteAddr(InetSocketAddress.createUnresolved(forwardedFor.getHost(), (forwardedFor.getPort() > 0) ? forwardedFor.getPort() : request.getRemotePort()));
         }
 
         // handle protocol identifier
@@ -432,23 +436,24 @@ public class ForwardedRequestCustomizer implements Customizer
         return headerValue.substring(0,commaIndex).trim();
     }
 
-    protected String getRemoteAddr(String headerValue)
+    protected HostPort getRemoteAddr(String headerValue)
     {
         String leftMost = getLeftMost(headerValue);
-
-        if (leftMost != null && leftMost.contains(":")) {
-            try {
-                HostPort hostPort = new HostPort(leftMost);
-                if (hostPort.getPort() > 0) {
-                    // address in a format host:port, return host part only.
-                    return hostPort.getHost();
-                }
-            } catch (Exception e) {
-                // failed to parse in host[:port] format, fallback to the value resolved from header
-            }
+        if (leftMost == null)
+        {
+            return null;
         }
 
-        return leftMost;
+        try
+        {
+            return new HostPort(leftMost);
+        }
+        catch (Exception e)
+        {
+            // failed to parse in host[:port] format
+            LOG.ignore(e);
+            return null;
+        }
     }
     
     @Override