Attachment #33985 for bug #57665

View | Details | Raw Unified | Return to bug 57665
Collapse All | Expand All

Lines 47-52 Link Here

(-)test/org/apache/catalina/valves/TestRemoteIpValve.java (+62 lines)
47	private String remoteHost;	47	private String remoteHost;
48	private String scheme;	48	private String scheme;
49	private boolean secure;	49	private boolean secure;
		50	private String serverName;
50	private int serverPort;	51	private int serverPort;
51	private String forwardedFor;	52	private String forwardedFor;
52	private String forwardedBy;	53	private String forwardedBy;
Lines 63-68 Link Here
63	return scheme;	64	return scheme;
64	}	65	}
65		66
		67	public String getServerName() {
		68	return serverName;
		69	}
		70
66	public int getServerPort() {	71	public int getServerPort() {
67	return serverPort;	72	return serverPort;
68	}	73	}
Lines 85-90 Link Here
85	this.remoteAddr = request.getRemoteAddr();	90	this.remoteAddr = request.getRemoteAddr();
86	this.scheme = request.getScheme();	91	this.scheme = request.getScheme();
87	this.secure = request.isSecure();	92	this.secure = request.isSecure();
		93	this.serverName = request.getServerName();
88	this.serverPort = request.getServerPort();	94	this.serverPort = request.getServerPort();
89	this.forwardedFor = request.getHeader("x-forwarded-for");	95	this.forwardedFor = request.getHeader("x-forwarded-for");
90	this.forwardedBy = request.getHeader("x-forwarded-by");	96	this.forwardedBy = request.getHeader("x-forwarded-by");
Lines 670-675 Link Here
670	}	676	}
671		677
672	@Test	678	@Test
		679	public void testInvokeXforwardedHost() throws Exception {
		680
		681	// PREPARE
		682	RemoteIpValve remoteIpValve = new RemoteIpValve();
		683	remoteIpValve.setHostHeader("x-forwarded-host");
		684	remoteIpValve.setPortHeader("x-forwarded-port");
		685	remoteIpValve.setProtocolHeader("x-forwarded-proto");
		686	RemoteAddrAndHostTrackerValve remoteAddrAndHostTrackerValve = new RemoteAddrAndHostTrackerValve();
		687	remoteIpValve.setNext(remoteAddrAndHostTrackerValve);
		688
		689	Request request = new MockRequest();
		690	request.setCoyoteRequest(new org.apache.coyote.Request());
		691	// client ip
		692	request.setRemoteAddr("192.168.0.10");
		693	request.setRemoteHost("192.168.0.10");
		694	// protocol
		695	request.setSecure(false);
		696	request.setServerPort(8080);
		697	request.getCoyoteRequest().scheme().setString("http");
		698	// host and port
		699	request.getCoyoteRequest().serverName().setString("10.0.0.1");
		700	request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-host").setString("example.com");
		701	request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-port").setString("8443");
		702	request.getCoyoteRequest().getMimeHeaders().addValue("x-forwarded-proto").setString("https");
		703
		704	// TEST
		705	remoteIpValve.invoke(request, null);
		706
		707	// VERIFY
		708	// protocol
		709	String actualServerName = remoteAddrAndHostTrackerValve.getServerName();
		710	assertEquals("x-forwarded-host is null", "example.com", actualServerName);
		711
		712	String actualScheme = remoteAddrAndHostTrackerValve.getScheme();
		713	assertEquals("x-forwarded-proto is null", "https", actualScheme);
		714
		715	int actualServerPort = remoteAddrAndHostTrackerValve.getServerPort();
		716	assertEquals("x-forwarded-proto is null", 8443, actualServerPort);
		717
		718	boolean actualSecure = remoteAddrAndHostTrackerValve.isSecure();
		719	assertTrue("x-forwarded-proto is null", actualSecure);
		720
		721	String actualPostInvokeServerName = request.getServerName();
		722	assertEquals("postInvoke serverName", "10.0.0.1", actualPostInvokeServerName);
		723
		724	boolean actualPostInvokeSecure = request.isSecure();
		725	assertFalse("postInvoke secure", actualPostInvokeSecure);
		726
		727	int actualPostInvokeServerPort = request.getServerPort();
		728	assertEquals("postInvoke serverPort", 8080, actualPostInvokeServerPort);
		729
		730	String actualPostInvokeScheme = request.getScheme();
		731	assertEquals("postInvoke scheme", "http", actualPostInvokeScheme);
		732	}
		733
		734	@Test
673	public void testInvokeNotAllowedRemoteAddr() throws Exception {	735	public void testInvokeNotAllowedRemoteAddr() throws Exception {
674	// PREPARE	736	// PREPARE
675	RemoteIpValve remoteIpValve = new RemoteIpValve();	737	RemoteIpValve remoteIpValve = new RemoteIpValve();

Lines 424-429 Link Here

(-)java/org/apache/catalina/valves/RemoteIpValve.java (+35 lines)
424	*/	424	*/
425	private String protocolHeaderHttpsValue = "https";	425	private String protocolHeaderHttpsValue = "https";
426		426
		427	private String hostHeader = null;
		428
427	private String portHeader = null;	429	private String portHeader = null;
428		430
429	/**	431	/**
Lines 475-480 Link Here
475		477
476	/**	478	/**
477	* Obtain the name of the HTTP header used to override the value returned	479	* Obtain the name of the HTTP header used to override the value returned
		480	* by {@link Request#getServerName()}.
		481	*
		482	* @return The HTTP header name
		483	*/
		484	public String getHostHeader() {
		485	return hostHeader;
		486	}
		487
		488	/**
		489	* Set the name of the HTTP header used to override the value returned
		490	* by {@link Request#getServerName()}.
		491	*
		492	* @param hostHeader The HTTP header name
		493	*/
		494	public void setHostHeader(String hostHeader) {
		495	this.hostHeader = hostHeader;
		496	}
		497
		498	/**
		499	* Obtain the name of the HTTP header used to override the value returned
478	* by {@link Request#getServerPort()} and (optionally depending on {link	500	* by {@link Request#getServerPort()} and (optionally depending on {link
479	* {@link #isChangeLocalPort()} {@link Request#getLocalPort()}.	501	* {@link #isChangeLocalPort()} {@link Request#getLocalPort()}.
480	*	502	*
Lines 567-572 Link Here
567	final String originalRemoteHost = request.getRemoteHost();	589	final String originalRemoteHost = request.getRemoteHost();
568	final String originalScheme = request.getScheme();	590	final String originalScheme = request.getScheme();
569	final boolean originalSecure = request.isSecure();	591	final boolean originalSecure = request.isSecure();
		592	final String originalServerName = request.getServerName();
570	final int originalServerPort = request.getServerPort();	593	final int originalServerPort = request.getServerPort();
571	final String originalProxiesHeader = request.getHeader(proxiesHeader);	594	final String originalProxiesHeader = request.getHeader(proxiesHeader);
572	final String originalRemoteIpHeader = request.getHeader(remoteIpHeader);	595	final String originalRemoteIpHeader = request.getHeader(remoteIpHeader);
Lines 639-644 Link Here
639	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0	662	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0
640	request.getCoyoteRequest().scheme().setString("https");	663	request.getCoyoteRequest().scheme().setString("https");
641		664
		665	setHost(request);
642	setPorts(request, httpsServerPort);	666	setPorts(request, httpsServerPort);
643	} else {	667	} else {
644	request.setSecure(false);	668	request.setSecure(false);
Lines 645-650 Link Here
645	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0	669	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0
646	request.getCoyoteRequest().scheme().setString("http");	670	request.getCoyoteRequest().scheme().setString("http");
647		671
		672	setHost(request);
648	setPorts(request, httpServerPort);	673	setPorts(request, httpServerPort);
649	}	674	}
650	}	675	}
Lines 685-690 Link Here
685	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0	710	// use request.coyoteRequest.scheme instead of request.setScheme() because request.setScheme() is no-op in Tomcat 6.0
686	request.getCoyoteRequest().scheme().setString(originalScheme);	711	request.getCoyoteRequest().scheme().setString(originalScheme);
687		712
		713	request.getCoyoteRequest().serverName().setString(originalServerName);
688	request.setServerPort(originalServerPort);	714	request.setServerPort(originalServerPort);
689		715
690	if (originalProxiesHeader == null \|\| originalProxiesHeader.length() == 0) {	716	if (originalProxiesHeader == null \|\| originalProxiesHeader.length() == 0) {
Lines 701-706 Link Here
701	}	727	}
702	}	728	}
703		729
		730	private void setHost(Request request) {
		731	if (hostHeader != null) {
		732	String hostHeaderValue = request.getHeader(hostHeader);
		733	if (hostHeaderValue != null) {
		734	request.getCoyoteRequest().serverName().setString(hostHeaderValue);
		735	}
		736	}
		737	}
		738
704	private void setPorts(Request request, int defaultPort) {	739	private void setPorts(Request request, int defaultPort) {
705	int port = defaultPort;	740	int port = defaultPort;
706	if (portHeader != null) {	741	if (portHeader != null) {

Return to bug 57665