Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.1.0.DR6
Affects Version/s: 7.0.1.GA
Component/s: Undertow
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/undertow-io/undertow/commit/02e5e7a531456acaa6a38c1cb23b75ecebf6d414, https://github.com/undertow-io/undertow/commit/60beda67556a1c731d4b007c38fb8beee791ce6c
Steps to Reproduce:
Hide

1. Set `proxy-address-forwarding="true"` on http-listener:
2. Deploy jsp that logs out request.getServerName/getServerPort/etc.
3. Make request with X-Forwarded-* headers present:

# curl -H "X-Forwarded-Host:myhost" -H "X-Forwarded-Port: 80" http://localhost:8080/sample_proxynameport/hello.jsp request.getServerName() => localhost request.getServerPort() => 8080 request.getScheme() => http
Show
1. Set `proxy-address-forwarding="true"` on http-listener: 2. Deploy jsp that logs out request.getServerName/getServerPort/etc. 3. Make request with X-Forwarded-* headers present: # curl -H "X-Forwarded-Host:myhost" -H "X-Forwarded-Port: 80" http: //localhost:8080/sample_proxynameport/hello.jsp request.getServerName() => localhost request.getServerPort() => 8080 request.getScheme() => http

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

If I configure `proxy-address-forwarding` for my http-listener, reqeust.getServerName and request.getServerPort still return the hostname/port from the Host header in the request. I would expect if `proxy-address-forwarding` is configured that the Apache proxy's hostname/port would be returned.

I noticed that when I make a curl request with an empty Host header (like below) that the X-Forwarded-* headers are picked up by getServerName/getServerPort.

Whereas, if I set Host header to empty it works:

# curl -H "Host:" -H "X-Forwarded-Host:myhost" -H "X-Forwarded-Port: 80" http://localhost:8080/sample_proxynameport/hello.jsp
request.getServerName() => myhost
request.getServerPort() => 80
request.getScheme()     => http

However, not having a Host header is bad HTTP/1.1 and in future Undertow release the "workaround" above will not work (~~UNDERTOW-786~~).

clones

JBEAP-5669 [GSS](7.0.z) proxy-address-forwarding has not effect when Host header is present

Verified

is caused by

UNDERTOW-756 Redirect Location header ignores X-Forwarded-Host and X-Forwarded-Port but honours X-Forwarded-Proto

Resolved

is incorporated by

JBEAP-5669 [GSS](7.0.z) proxy-address-forwarding has not effect when Host header is present

Verified

Assignee:: Ingo Weiss

Reporter:: Jiří Bílek (Inactive)

Tester:: Jan Stourac

QA Contact:: Jan Stourac

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2016/09/21 9:11 AM

Updated:: 2024/09/13 4:03 PM

Resolved:: 2016/09/22 12:29 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates