You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by re...@apache.org on 2018/07/07 17:44:18 UTC
[cxf] 01/02: Consider the outermost proxy in X-Forwarded-Host (#429)
This is an automated email from the ASF dual-hosted git repository.
reta pushed a commit to branch 3.2.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit ca6eb16a1be3b8605fd024626de0f783519441ec
Author: mo7ty <mo...@users.noreply.github.com>
AuthorDate: Sat Jul 7 17:16:24 2018 +0100
Consider the outermost proxy in X-Forwarded-Host (#429)
When behind more than one reverse proxy, each can add a new entry in X-Forwarded-Host, resulting in:
> X-Forwarded-Host: host1, host2
Consider the outermost proxy/host ('host1') like done for 'originalRemoteAddr'.
---
.../java/org/apache/cxf/transport/servlet/AbstractHTTPServlet.java | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/AbstractHTTPServlet.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/AbstractHTTPServlet.java
index f3a466e..eee121c 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/AbstractHTTPServlet.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/AbstractHTTPServlet.java
@@ -484,10 +484,11 @@ public abstract class AbstractHTTPServlet extends HttpServlet implements Filter
newRemoteAddr = (originalRemoteAddr.split(",")[0]).trim();
}
newRequestUri = calculateNewRequestUri(request, originalPrefix);
+ String outermostHost = (originalHost.split(",")[0]).trim();
newRequestUrl = calculateNewRequestUrl(request,
originalProto,
originalPrefix,
- originalHost,
+ outermostHost,
originalPort);
newContextPath = calculateNewContextPath(request, originalPrefix);
newServletPath = calculateNewServletPath(request, originalPrefix);