Posted to commits@wicket.apache.org by pa...@apache.org on 2021/03/05 14:57:07 UTC
[wicket] 01/02: Do not try to resolve X-Forwarded-For header
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch wicket-8.x
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit c2da3ade7f93abc5ec4c502401e9a6d639eb9331
Author: Emond Papegaaij <em...@topicus.nl>
AuthorDate: Fri Mar 5 13:28:15 2021 +0100
Do not try to resolve X-Forwarded-For header
The remote address is reported by HttpServletRequest. Configuration of
this property is normally done via the application server. If this is
somehow not possible, use XForwardedRequestWrapperFactory.
---
.../protocol/http/request/WebClientInfo.java | 40 +++-------------------
1 file changed, 4 insertions(+), 36 deletions(-)
diff --git a/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java b/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
index c00dc47..c7ce9ee 100644
--- a/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
+++ b/wicket-core/src/main/java/org/apache/wicket/protocol/http/request/WebClientInfo.java
@@ -145,49 +145,17 @@ public class WebClientInfo extends ClientInfo
}
/**
- * When using ProxyPass, requestCycle().getHttpServletRequest(). getRemoteAddr() returns the IP
- * of the machine forwarding the request. In order to maintain the clients ip address, the
- * server places it in the <a
- * href="http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers">X-Forwarded-For</a>
- * Header.
- *
- * Proxies may also mask the original client IP with tokens like "hidden" or "unknown".
- * If so, the last proxy ip address is returned.
+ * Returns the IP address from {@code HttpServletRequest.getRemoteAddr()}.
*
* @param requestCycle
* the request cycle
- * @return remoteAddr IP address of the client, using the X-Forwarded-For header and defaulting
- * to: getHttpServletRequest().getRemoteAddr()
+ * @return remoteAddr IP address of the client, using
+ * {@code getHttpServletRequest().getRemoteAddr()}
*/
protected String getRemoteAddr(RequestCycle requestCycle)
{
ServletWebRequest request = (ServletWebRequest)requestCycle.getRequest();
- HttpServletRequest req = request.getContainerRequest();
- String remoteAddr = request.getHeader("X-Forwarded-For");
-
- if (remoteAddr != null)
- {
- if (remoteAddr.contains(","))
- {
- // sometimes the header is of form client ip,proxy 1 ip,proxy 2 ip,...,proxy n ip,
- // we just want the client
- remoteAddr = Strings.split(remoteAddr, ',')[0].trim();
- }
- try
- {
- // If ip4/6 address string handed over, simply does pattern validation.
- InetAddress.getByName(remoteAddr);
- }
- catch (UnknownHostException e)
- {
- remoteAddr = req.getRemoteAddr();
- }
- }
- else
- {
- remoteAddr = req.getRemoteAddr();
- }
- return remoteAddr;
+ return request.getContainerRequest().getRemoteAddr();
}
/**
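Review bot: The new Javadoc on `getRemoteAddr` still promises the `IP address of the client`, but the method now returns the address the container reports for the connection, which behind a reverse proxy is the proxy's own address unless the application server is configured to resolve it. The commit message explains this but the Javadoc does not, so I would add a sentence such as `Behind a reverse proxy this is the proxy's address unless the servlet container, or XForwardedRequestWrapperFactory, is configured to take the forwarded address from a trusted proxy.` It would also help to state there that overriding subclasses should not read `X-Forwarded-For` themselves, because the header is supplied by the client and any value used for logging or access decisions could then be forged. Separately, the diffstat shows no other hunk, so the imports that served the removed code (`InetAddress`, `UnknownHostException`, and possibly `Strings` and `HttpServletRequest`) are probably unused now and worth checking.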