Polishing
Optimize same origin check when the request is an instance of ServletServerHttpRequest and when there is no forwarded headers. This commit also optimizes the getPort methods and ForwardedHeaderFilter forwarded headers checks. Issue: SPR-16262
This commit is contained in:
@@ -168,7 +168,7 @@ public class WebUtilsTests {
|
||||
if (port != -1) {
|
||||
servletRequest.setServerPort(port);
|
||||
}
|
||||
request.getHeaders().set(HttpHeaders.ORIGIN, originHeader);
|
||||
servletRequest.addHeader(HttpHeaders.ORIGIN, originHeader);
|
||||
return WebUtils.isValidOrigin(request, allowed);
|
||||
}
|
||||
|
||||
@@ -179,7 +179,7 @@ public class WebUtilsTests {
|
||||
if (port != -1) {
|
||||
servletRequest.setServerPort(port);
|
||||
}
|
||||
request.getHeaders().set(HttpHeaders.ORIGIN, originHeader);
|
||||
servletRequest.addHeader(HttpHeaders.ORIGIN, originHeader);
|
||||
return WebUtils.isSameOrigin(request);
|
||||
}
|
||||
|
||||
@@ -191,15 +191,15 @@ public class WebUtilsTests {
|
||||
servletRequest.setServerPort(port);
|
||||
}
|
||||
if (forwardedProto != null) {
|
||||
request.getHeaders().set("X-Forwarded-Proto", forwardedProto);
|
||||
servletRequest.addHeader("X-Forwarded-Proto", forwardedProto);
|
||||
}
|
||||
if (forwardedHost != null) {
|
||||
request.getHeaders().set("X-Forwarded-Host", forwardedHost);
|
||||
servletRequest.addHeader("X-Forwarded-Host", forwardedHost);
|
||||
}
|
||||
if (forwardedPort != -1) {
|
||||
request.getHeaders().set("X-Forwarded-Port", String.valueOf(forwardedPort));
|
||||
servletRequest.addHeader("X-Forwarded-Port", String.valueOf(forwardedPort));
|
||||
}
|
||||
request.getHeaders().set(HttpHeaders.ORIGIN, originHeader);
|
||||
servletRequest.addHeader(HttpHeaders.ORIGIN, originHeader);
|
||||
return WebUtils.isSameOrigin(request);
|
||||
}
|
||||
|
||||
@@ -210,8 +210,8 @@ public class WebUtilsTests {
|
||||
if (port != -1) {
|
||||
servletRequest.setServerPort(port);
|
||||
}
|
||||
request.getHeaders().set("Forwarded", forwardedHeader);
|
||||
request.getHeaders().set(HttpHeaders.ORIGIN, originHeader);
|
||||
servletRequest.addHeader("Forwarded", forwardedHeader);
|
||||
servletRequest.addHeader(HttpHeaders.ORIGIN, originHeader);
|
||||
return WebUtils.isSameOrigin(request);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user