tchekai704
/
src-spring-framework
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Check X-Forwarded-Host in ServletUriComponentsBuilder 

Issue: SPR-11855
pull/560/head
Rossen Stoyanchev 11 years ago
parent
c809143cc4
commit
9f4d4d1829
2 changed files with 30 additions and 9 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      spring-webmvc/src/main/java/org/springframework/web/servlet/support/ServletUriComponentsBuilder.java
  2. 23
      spring-webmvc/src/test/java/org/springframework/web/servlet/support/ServletUriComponentsBuilderTests.java

16
spring-webmvc/src/main/java/org/springframework/web/servlet/support/ServletUriComponentsBuilder.java
Unescape View File

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2002-2013 the original author or authors.
* Copyright 2002-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -97,13 +97,12 @@ public class ServletUriComponentsBuilder extends UriComponentsBuilder { @@ -97,13 +97,12 @@ public class ServletUriComponentsBuilder extends UriComponentsBuilder {
*/
public static ServletUriComponentsBuilder fromRequest(HttpServletRequest request) {
String scheme = request.getScheme();
int port = request.getServerPort();
String host = request.getServerName();
int port = request.getServerPort();
String header = request.getHeader("X-Forwarded-Host");
if (StringUtils.hasText(header)) {
String[] hosts = StringUtils.commaDelimitedListToStringArray(header);
String hostHeader = request.getHeader("X-Forwarded-Host");
if (StringUtils.hasText(hostHeader)) {
String[] hosts = StringUtils.commaDelimitedListToStringArray(hostHeader);
String hostToUse = hosts[0];
if (hostToUse.contains(":")) {
String[] hostAndPort = StringUtils.split(hostToUse, ":");
@ -115,6 +114,11 @@ public class ServletUriComponentsBuilder extends UriComponentsBuilder { @@ -115,6 +114,11 @@ public class ServletUriComponentsBuilder extends UriComponentsBuilder {
}
}
String portHeader = request.getHeader("X-Forwarded-Port");
if (StringUtils.hasText(portHeader)) {
port = Integer.parseInt(portHeader);
}
ServletUriComponentsBuilder builder = new ServletUriComponentsBuilder();
builder.scheme(scheme);
builder.host(host);

23
spring-webmvc/src/test/java/org/springframework/web/servlet/support/ServletUriComponentsBuilderTests.java
Unescape View File

@ -1,5 +1,5 @@ @@ -1,5 +1,5 @@
/*
* Copyright 2002-2013 the original author or authors.
* Copyright 2002-2014 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@ -24,8 +24,12 @@ import org.springframework.web.context.request.ServletRequestAttributes; @@ -24,8 +24,12 @@ import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.util.UriComponents;
import static org.junit.Assert.*;
import static org.junit.Assert.assertEquals;
/**
* Unit tests for
* {@link org.springframework.web.servlet.support.ServletUriComponentsBuilder}.
*
* @author Rossen Stoyanchev
*/
public class ServletUriComponentsBuilderTests {
@ -85,7 +89,7 @@ public class ServletUriComponentsBuilderTests { @@ -85,7 +89,7 @@ public class ServletUriComponentsBuilderTests {
}
@Test
public void fromRequestWithForwardedHostHeader() {
public void fromRequestWithForwardedHost() {
request.addHeader("X-Forwarded-Host", "anotherHost");
request.setRequestURI("/mvc-showcase/data/param");
request.setQueryString("foo=123");
@ -97,7 +101,7 @@ public class ServletUriComponentsBuilderTests { @@ -97,7 +101,7 @@ public class ServletUriComponentsBuilderTests {
// SPR-10701
@Test
public void fromRequestWithForwardedHostAndPortHeader() {
public void fromRequestWithForwardedHostIncludingPort() {
request.addHeader("X-Forwarded-Host", "webtest.foo.bar.com:443");
request.setRequestURI("/mvc-showcase/data/param");
request.setQueryString("foo=123");
@ -116,6 +120,19 @@ public class ServletUriComponentsBuilderTests { @@ -116,6 +120,19 @@ public class ServletUriComponentsBuilderTests {
assertEquals("a.example.org", ServletUriComponentsBuilder.fromRequest(this.request).build().getHost());
}
// SPR-11855
@Test
public void fromRequestWithForwardedHostAndPort() {
this.request.addHeader("X-Forwarded-Host", "foobarhost");
this.request.addHeader("X-Forwarded-Port", "9090");
this.request.setServerPort(8080);
UriComponents uriComponents = ServletUriComponentsBuilder.fromRequest(this.request).build();
assertEquals("foobarhost", uriComponents.getHost());
assertEquals(9090, uriComponents.getPort());
}
@Test
public void fromContextPath() {
request.setRequestURI("/mvc-showcase/data/param");

Write Preview
Loading…
Cancel
Save