Uploaded image for project: 'Undertow'
  1. Undertow
  2. UNDERTOW-2041

Error when X-forwarded-For header contains ipv6 address with leading zeroes

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 2.2.17.Final
    • 2.2.16.Final
    • Core
    • None

      When undertow receives an X-Forwarded-For header that contains an ipv6 address, this ip v6 address is parsed by the 

      io.undertow.util.NetworkUtils.parseIpv6AddressToBytes() method.

      This method rejects ipv6 addresses that contains leading zeroes.

      For example, this address is considered valid:

      2001:DB8:0:CD30:123:4567:89AB:CDEF

      while this one is considered as invalid:

      2001:0DB8:0:CD30:0123:4567:89AB:CDEF

       

      This behaviour is implemented here:

      https://github.com/undertow-io/undertow/blob/7133a92424efc328ab9300e5df6df967a9dd9d69/core/src/main/java/io/undertow/util/NetworkUtils.java#L121

      Yet, by looking at the RFC 4291, we can read that 

      "it is not necessary to write the leading zeros" (see section 2.2 here: https://datatracker.ietf.org/doc/html/rfc4291)

      So, to my understanding, ipv6 with leading zeroes should not be rejected by the ipv6 parser of undertow.

       

              flaviarnn Flavia Rainone
              sylvererichard Sylvere Richard (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: