Mercurial Hosting > luan
comparison src/org/eclipse/jetty/server/Connector.java @ 889:5731a7707466
remove _forwarded
| author | Franklin Schmidt <fschmidt@gmail.com> |
|---|---|
| date | Thu, 06 Oct 2016 23:24:30 -0600 |
| parents | 1aa58272794f |
| children | 5dc615c34848 |
comparison
equal
deleted
inserted
replaced
| 888:1aa58272794f | 889:5731a7707466 |
|---|---|
| 67 private String _confidentialScheme = HttpSchemes.HTTPS; | 67 private String _confidentialScheme = HttpSchemes.HTTPS; |
| 68 private int _confidentialPort = 0; | 68 private int _confidentialPort = 0; |
| 69 private int _acceptors = 1; | 69 private int _acceptors = 1; |
| 70 private int _acceptorPriorityOffset = 0; | 70 private int _acceptorPriorityOffset = 0; |
| 71 private boolean _useDNS; | 71 private boolean _useDNS; |
| 72 private boolean _forwarded; | |
| 73 private String _hostHeader; | 72 private String _hostHeader; |
| 74 | 73 |
| 75 private String _forwardedHostHeader = HttpHeaders.X_FORWARDED_HOST; | 74 private String _forwardedHostHeader = HttpHeaders.X_FORWARDED_HOST; |
| 76 private String _forwardedServerHeader = HttpHeaders.X_FORWARDED_SERVER; | 75 private String _forwardedServerHeader = HttpHeaders.X_FORWARDED_SERVER; |
| 77 private String _forwardedForHeader = HttpHeaders.X_FORWARDED_FOR; | 76 private String _forwardedForHeader = HttpHeaders.X_FORWARDED_FOR; |
| 311 { | 310 { |
| 312 LOG.trace("",e); | 311 LOG.trace("",e); |
| 313 } | 312 } |
| 314 } | 313 } |
| 315 | 314 |
| 316 /* ------------------------------------------------------------ */ | |
| 317 public void customize(EndPoint endpoint, Request request) throws IOException | 315 public void customize(EndPoint endpoint, Request request) throws IOException |
| 318 { | 316 { |
| 319 if (isForwarded()) | |
| 320 checkForwardedHeaders(endpoint,request); | |
| 321 } | |
| 322 | |
| 323 /* ------------------------------------------------------------ */ | |
| 324 protected void checkForwardedHeaders(EndPoint endpoint, Request request) throws IOException | |
| 325 { | |
| 326 HttpFields httpFields = request.getConnection().getRequestFields(); | |
| 327 | |
| 328 // Do SSL first | |
| 329 if (getForwardedCipherSuiteHeader()!=null) | |
| 330 { | |
| 331 String cipher_suite=httpFields.getStringField(getForwardedCipherSuiteHeader()); | |
| 332 if (cipher_suite!=null) | |
| 333 request.setAttribute("javax.servlet.request.cipher_suite",cipher_suite); | |
| 334 } | |
| 335 if (getForwardedSslSessionIdHeader()!=null) | |
| 336 { | |
| 337 String ssl_session_id=httpFields.getStringField(getForwardedSslSessionIdHeader()); | |
| 338 if(ssl_session_id!=null) | |
| 339 { | |
| 340 request.setAttribute("javax.servlet.request.ssl_session_id", ssl_session_id); | |
| 341 request.setScheme(HttpSchemes.HTTPS); | |
| 342 } | |
| 343 } | |
| 344 | |
| 345 // Retrieving headers from the request | |
| 346 String forwardedHost = getLeftMostFieldValue(httpFields,getForwardedHostHeader()); | |
| 347 String forwardedServer = getLeftMostFieldValue(httpFields,getForwardedServerHeader()); | |
| 348 String forwardedFor = getLeftMostFieldValue(httpFields,getForwardedForHeader()); | |
| 349 String forwardedProto = getLeftMostFieldValue(httpFields,getForwardedProtoHeader()); | |
| 350 | |
| 351 if (_hostHeader != null) | |
| 352 { | |
| 353 // Update host header | |
| 354 httpFields.put(HttpHeaders.HOST_BUFFER,_hostHeader); | |
| 355 request.setServerName(null); | |
| 356 request.setServerPort(-1); | |
| 357 request.getServerName(); | |
| 358 } | |
| 359 else if (forwardedHost != null) | |
| 360 { | |
| 361 // Update host header | |
| 362 httpFields.put(HttpHeaders.HOST_BUFFER,forwardedHost); | |
| 363 request.setServerName(null); | |
| 364 request.setServerPort(-1); | |
| 365 request.getServerName(); | |
| 366 } | |
| 367 else if (forwardedServer != null) | |
| 368 { | |
| 369 // Use provided server name | |
| 370 request.setServerName(forwardedServer); | |
| 371 } | |
| 372 | |
| 373 if (forwardedFor != null) | |
| 374 { | |
| 375 request.setRemoteAddr(forwardedFor); | |
| 376 InetAddress inetAddress = null; | |
| 377 | |
| 378 if (_useDNS) | |
| 379 { | |
| 380 try | |
| 381 { | |
| 382 inetAddress = InetAddress.getByName(forwardedFor); | |
| 383 } | |
| 384 catch (UnknownHostException e) | |
| 385 { | |
| 386 LOG.trace("",e); | |
| 387 } | |
| 388 } | |
| 389 | |
| 390 request.setRemoteHost(inetAddress == null?forwardedFor:inetAddress.getHostName()); | |
| 391 } | |
| 392 | |
| 393 if (forwardedProto != null) | |
| 394 { | |
| 395 request.setScheme(forwardedProto); | |
| 396 } | |
| 397 } | 317 } |
| 398 | 318 |
| 399 /* ------------------------------------------------------------ */ | 319 /* ------------------------------------------------------------ */ |
| 400 protected String getLeftMostFieldValue(HttpFields fields, String header) | 320 protected String getLeftMostFieldValue(HttpFields fields, String header) |
| 401 { | 321 { |
| 474 /* | 394 /* |
| 475 * @see org.eclipse.jetty.server.Connector#isConfidential(org.eclipse.jetty.server.Request) | 395 * @see org.eclipse.jetty.server.Connector#isConfidential(org.eclipse.jetty.server.Request) |
| 476 */ | 396 */ |
| 477 public boolean isConfidential(Request request) | 397 public boolean isConfidential(Request request) |
| 478 { | 398 { |
| 479 return _forwarded && request.getScheme().equalsIgnoreCase(HttpSchemes.HTTPS); | 399 return false; |
| 480 } | 400 } |
| 481 | 401 |
| 482 /* ------------------------------------------------------------ */ | 402 /* ------------------------------------------------------------ */ |
| 483 /** | 403 /** |
| 484 * @param confidentialPort | 404 * @param confidentialPort |
| 535 | 455 |
| 536 /* ------------------------------------------------------------ */ | 456 /* ------------------------------------------------------------ */ |
| 537 public void setResolveNames(boolean resolve) | 457 public void setResolveNames(boolean resolve) |
| 538 { | 458 { |
| 539 _useDNS = resolve; | 459 _useDNS = resolve; |
| 540 } | |
| 541 | |
| 542 /* ------------------------------------------------------------ */ | |
| 543 /** | |
| 544 * Is reverse proxy handling on? | |
| 545 * | |
| 546 * @return true if this connector is checking the x-forwarded-for/host/server headers | |
| 547 */ | |
| 548 public boolean isForwarded() | |
| 549 { | |
| 550 return _forwarded; | |
| 551 } | |
| 552 | |
| 553 /* ------------------------------------------------------------ */ | |
| 554 /** | |
| 555 * Set reverse proxy handling. If set to true, then the X-Forwarded headers (or the headers set in their place) are looked for to set the request protocol, | |
| 556 * host, server and client ip. | |
| 557 * | |
| 558 * @param check | |
| 559 * true if this connector is checking the x-forwarded-for/host/server headers | |
| 560 * @see #setForwardedForHeader(String) | |
| 561 * @see #setForwardedHostHeader(String) | |
| 562 * @see #setForwardedProtoHeader(String) | |
| 563 * @see #setForwardedServerHeader(String) | |
| 564 */ | |
| 565 public void setForwarded(boolean check) | |
| 566 { | |
| 567 if (check) | |
| 568 LOG.debug("{} is forwarded",this); | |
| 569 _forwarded = check; | |
| 570 } | 460 } |
| 571 | 461 |
| 572 /* ------------------------------------------------------------ */ | 462 /* ------------------------------------------------------------ */ |
| 573 public String getHostHeader() | 463 public String getHostHeader() |
| 574 { | 464 { |