root
/
spring-boot
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

Support X-Forwarded-Host header when auto-configuring RemoteIpValve

Browse Source 
Closes gh-18233
pull/18321/head
Andy Wilkinson 5 years ago
parent 303974fde9
commit 30c05b2b49
3 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File

13
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/ServerProperties.java
Unescape Escape View File

@ -321,6 +321,11 @@ public class ServerProperties {
*/
private String remoteIpHeader;
/**
* Name of the HTTP header from which the remote host is extracted.
*/
private String hostHeader = "X-Forwarded-Host";
/**
* Tomcat base directory. If not specified, a temporary directory is used.
*/
@ -519,6 +524,14 @@ public class ServerProperties {
this.remoteIpHeader = remoteIpHeader;
}
public String getHostHeader() {
return this.hostHeader;
}
public void setHostHeader(String hostHeader) {
this.hostHeader = hostHeader;
}
public Charset getUriEncoding() {
return this.uriEncoding;
}

1
spring-boot-project/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/web/embedded/TomcatWebServerFactoryCustomizer.java
Unescape Escape View File

@ -183,6 +183,7 @@ public class TomcatWebServerFactoryCustomizer
// The internal proxies default to a white list of "safe" internal IP
// addresses
valve.setInternalProxies(tomcatProperties.getInternalProxies());
valve.setHostHeader(tomcatProperties.getHostHeader());
valve.setPortHeader(tomcatProperties.getPortHeader());
valve.setProtocolHeaderHttpsValue(tomcatProperties.getProtocolHeaderHttpsValue());
// ... so it's safe to add this valve by default.

2
spring-boot-project/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/web/embedded/TomcatWebServerFactoryCustomizerTests.java
Unescape Escape View File

@ -243,6 +243,8 @@ class TomcatWebServerFactoryCustomizerTests {
assertThat(remoteIpValve.getProtocolHeader()).isEqualTo("X-Forwarded-Proto");
assertThat(remoteIpValve.getProtocolHeaderHttpsValue()).isEqualTo("https");
assertThat(remoteIpValve.getRemoteIpHeader()).isEqualTo("X-Forwarded-For");
assertThat(remoteIpValve.getHostHeader()).isEqualTo("X-Forwarded-Host");
assertThat(remoteIpValve.getPortHeader()).isEqualTo("X-Forwarded-Port");
String expectedInternalProxies = "10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|" // 10/8
+ "192\\.168\\.\\d{1,3}\\.\\d{1,3}|" // 192.168/16
+ "169\\.254\\.\\d{1,3}\\.\\d{1,3}|" // 169.254/16

Write Preview
Loading…
Cancel
Save